Symantec Highlights Internet Threats
Phishing, client-side attacks, mobile attacks and worms: Those are among the security threats Symantec recently released in its Internet Security Threat Report, a six-month update of Internet threat activity. The comprehensive 96-page report covers the last half of 2004 and is based on data compiled and analyzed by its range of security products.
Among the highlights, phishing was cited as an emerging threat, particularly to e-commerce companies and financial institutions. From July 2004 through the end of last year, the number of phishing attempts blocked by Symantec filters rose from 9 million to 33 million messages per week. The company expects the problem to worsen and proposes a combination of best practices and better education to combat it. Symantec also sees an increased risk to Web applications, such as the Perl.Santy worm, which attacked the popular Web app phpBB last December.
The company says client-side exploits also are becoming an increasing security concern, resulting in attacks such as the Microsoft GDI+ Library JPEG Segment Length Integer Underflow Vulnerability. Symantec predicts that this shift will result in the increased use of worms as a starting point for new attacks, making traditional security mechanisms and procedures less effective. The company also warns against the emergence of bots and bot networks, which could result in DoS attacks or online extortion schemes. Also expected to intensify is the volume of attacks directed at mobile devices. Finally, the report states that the growing popularity of open-source and Macintosh systems is starting to make them more likely to be targeted, and that the risks from adware and spyware will also continue to grow and need to be combated.
