Online malware attacks are becoming more pervasive, targeted, and refined as the underground threat economy continues to evolve and take on the characteristics of an organized industry.
The latest iteration of Symantec's Internet Security Threat Report -- covering its research over the final six months of calendar 2007 and released on Tuesday at the ongoing RSA Conference 2008 in San Francisco -- finds that malware authors and the ecosystem of constituencies supporting cyber-crime are advancing the sophistication of their efforts at a staggeringly expeditious pace.
From the groups of exploit developers marketing malware toolkits to aspiring attackers to the people buying and selling stolen credentials, the entire landscape of electronic crime is taking off and increasingly resembles the security software community that is working to thwart it, Symantec researchers said.
In his keynote address at the RSA show, Symantec Chief Executive John Thompson reported that there is now more malicious code being created worldwide than there is legitimate software.
The trend is changing both the way that people view IT security in general -- and the manner in which companies like Symantec will need to rethink their anti-malware strategies, the executive said.
"If the growth of malicious software continues to outpace the growth of legitimate software, techniques like white-listing will become much more critical," Thompson said. "Identity management will only grow in importance and will need to expand beyond the enterprise environment -- into consumers. And this is not an easy problem for law enforcement -- the criminals themselves could be anywhere on the planet."