Symantec security director says information security threats are stagnating

According to Kevin Haley, the bad boy threats machine has now reached the stage where they cannot pump out their malware any faster.

"I believe that we have reached a saturation point. You know how, after heavy rain, the ground can't absorb any more water and it begins to pool on the ground? We've reached that point with security incidents", he said.

The trends for 2011 on the Norton CyberCrime Index, he reports, are pretty much flat, with the explosive growth in malware the industry has seen in the last decade no longer sustainable.

"Maybe new hacker tools will come along, new propagation methods, or more platforms, or more people to infect. But for now, things are beginning to stagnate", he says in his latest security blog.

"This is not to say the problem is going away. There were 286 million new malware variants in 2010 - but even that mind-blowing number reflects a slowdown. It's more than the year before, but not the 100% increase we've reported in previous years. It's not like the growth we use to see", he adds.

But how does Haley explain the "endless parade" of security incidents seen in the last few weeks?

Well, he responds, in some ways, these are the puddles forming on the ground.

"It's not that rain has gotten harder, it's just that the ground has stopped absorbing them all. Some of what we are seeing does reflect the bad guys attacking new platforms and finding new people to infect. But it’s mainly puddles. And the fact that many of these incidents show how much higher the stakes have become", he explained.

There is, however, one type of security threat that remains on the rise, that of hacktivism, and Haley says that the hacktivist groups responsible for last December’s incidents have since moved on to other publicised attacks.

Against this backdrop, the Symantec director of security research says that the visibility of threats is rising, but the levels are no longer increasing.

"The good news is that these events are finally getting the attention they deserve. The bad news is that these incidents make clear the stakes are higher than they' ever been before", he said. 

What’s Hot on Infosecurity Magazine?