Symantec Internet Security Threat Report Finds Online Crime Continues to Grow at a Record Pace
- 15 April, 2009 11:13
<p>Web-based attacks evolve as hackers target end-user information; underground economy continues to thrive</p>
<p>SYDNEY, Australia – April 15, 2009 – Symantec Corp. (Nasdaq; SYMC) today announced that online crime, in the form of malicious code activity, continued to grow at a record pace throughout 2008, primarily targeting confidential information of computer users. According to the company’s Internet Security Threat Report Volume XIV, Symantec created more than 1.6 million new malicious code signatures in 2008. This equates to more than 60 percent of the total malicious code signatures ever created by Symantec -- a response to the rapidly increasing volume and proliferation of new malicious code threats. These signatures helped Symantec block an average of more than 245 million attempted malicious code attacks across the globe each month during 2008.
The Internet Security Threat Report is derived from data collected by millions of Internet sensors, first-hand research, and active monitoring of hacker communications, and provides a global view of the state of Internet security. The study period for the ISTR XIV covers January 2008 to December 2008.</p>
<p>HIGHLIGHTS OF AUSTRALIAN FINDINGS:
• In 2008 Australia was listed as the sixth country for malicious activity in APJ with 5% of the overall proportion. China was the top country for malicious activity in APJ with 41% of the overall proportion
• In 2008, China was the top country hosting Web-based attacks in APJ with 79% in 2008. Australia was listed as the sixth country for Web-based attacks in APJ with 2% of the overall proportion. Australia ranked 27th globally.
• In 2008 Australia was listed as the fifth highest country for hosting phishing sites in APJ with 5% of the overall proportion. While Australia’s position did not change from 2007 to 2008, there was a 2% decrease (from 7% to 5%) in the percentage of top countries hosting phishing sites. 75 percent of hosted phishing sites from Australia were targeted at the financial sector
• Over the past year, Symantec observed a 192 percent increase in spam detected across the Internet as a whole, from 119.6 billion messages in 2007 to 349.6 billion in 2008. In 2008, bot networks were responsible for the distribution of approximately 90 percent of all spam email. Australia ranked 8th in 2008, up from 9th position in 2007, for the country of origin for spam, representing 3% of total spam within APJ compared to 2% in 2007. Australia was ranked 35th globally for the country of origin for spam</p>
<p>The report noted that Web surfing remained the primary source of new infections in 2008, and that attackers are relying more and more on customised malicious code toolkits to develop and distribute their threats. Furthermore, 90 percent of all threats detected by Symantec during the study period attempt to steal confidential information. Threats with a keystroke-logging capability—which can be used to steal information such as online bank account credentials—made up 76 percent of threats to confidential information, up from 72 percent in 2007.
Leveraging data from its recent Report on the Underground Economy, Symantec found that there continues to be a well-organised underground economy specialising in the sale of stolen confidential data, particularly credit card and bank account credentials. This underground economy is thriving; whereas prices for goods in the legitimate market have fallen, prices for goods in the underground economy have remained consistent from 2007 through 2008. The report also points to the increased resilience of malware authors against attempts to halt their activities. As an example, the shutdown of two U.S.-based botnet hosting outfits contributed to a significant decrease in active botnet activity during September and November 2008; however, botnet operators found alternate hosting Web sites and botnet infections quickly rose to their pre-shutdown levels.
Web application platforms were common sources of vulnerabilities during the evaluation period. These pre-built software products are designed to simplify the deployment of new Web sites and are in widespread use around the Internet. Many of these platforms were not designed with security in mind and consequently harbor numerous flaws leaving them potentially vulnerable to attack. Of all the vulnerabilities identified in 2008, 63 percent affected Web applications, up from 59 percent in 2007. Of the 12,885 site-specific cross-site scripting vulnerabilities reported in 2008 only 3 percent (394) had been fixed at the time the report was written.
The report found that phishing continued to grow. In 2008, Symantec detected 55,389 phishing website hosts, an increase of 66 percent over 2007, when Symantec detected 33,428 phishing hosts. Financial services accounted for 76 percent of phishing lures in 2008 compared to 52 percent in 2007.</p>
<p>Finally, the report found that the volume of spam continued to grow. Over the past year, Symantec observed a 192 percent increase in spam detected across the Internet as a whole, from 119.6 billion messages in 2007 to 349.6 billion in 2008. In 2008, bot networks were responsible for the distribution of approximately 90 percent of all spam e-mail.</p>
• By the end of 2008, there were more than 1 million individual computers infected by the worm Downadup (also known as Conficker); this worm was able to spread rapidly across the Internet due to a number of advanced propagation mechanisms. The number of Downadup/Conficker infections worldwide grew to more than 3 million infected systems during the first quarter of 2009.
• According to Symantec data, in 2008, the growth of malicious code activity was greatest in the Europe, Middle East and Africa region.
• In 2008, Symantec observed an average of more than 75, 000 active bot-infected computers each day, a 31 percent increase from 2007.</p>
• “As malicious code continues to grow at a record pace we’re also seeing that attackers have shifted away from mass distribution of a few threats to micro-distribution of millions of distinct threats,” said Stephen Trilling, vice president, Symantec Security Technology and Response. “Cybercriminals are profiting from creating and distributing customised threats that steal confidential information, particularly bank account credentials and credit card data. While the above ground economy suffers, the underground economy has remained consistently steady.”</p>
<p>• “The unfortunate reality is that innocent Web surfers can visit a compromised website and unknowingly place their personal and financial information at risk,” said Marc Fossi, executive editor, Symantec Internet Security Threat Report XIV. “Computer users have to be extra vigilant about their security practices.”</p>
<p>About the Symantec Global Intelligence Network
Symantec has established some of the most comprehensive sources of Internet threat data in the world through the Symantec Global Intelligence Network. This network captures worldwide security intelligence data that gives Symantec analysts unparalleled sources of data to identify, analyse, deliver protection and provide informed commentary on emerging trends in attacks, malicious code activity, phishing, and spam. More than 240,000 sensors in 200+ countries monitor attack activity through a combination of Symantec products and services as well as additional third-party data sources.</p>
<p>About Symantec Security Technology and Response
The Symantec Internet Security Threat Report is created by the Security Technology and Response (STAR) organisation. STAR, which includes Security Response, is a worldwide team of security engineers, threat analysts, and researchers that provides the underlying functionality, content, and threat expertise for all Symantec corporate and consumer security products. With global response centres located throughout the world, STAR monitors malicious code reports from more than 130 million systems across the Internet, receives data from 240,000 network sensors in more than 200 countries, and tracks more than 32,000 vulnerabilities affecting more than 72,000 technologies from more than 11,000 vendors. The team uses this vast intelligence to develop and deliver the world’s most comprehensive security protection.</p>
Symantec is a global leader in providing security, storage and systems management solutions to help consumers and organisations secure and manage their information-driven world. Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored.</p>
<p>0405 735 323</p>
<p>+61 2 9954 3492</p>