Confidential Information Increasingly Targeted by Internet Crooks

Symantec today issued its latest Internet Security Threat Report, covering attacks and vulnerabilities measured during the second half of 2004. Highlights of the report are available in this release:

Symantec Internet Security Threat Report Highlights Rise in Threats to Confidential Information

Key findings of the report include:

• Rise in Threats to Confidential Information
• Steady Increase in Phishing Attacks
• Increase in Attacks Against Web Applications
• Rise in Number of Windows Virus/Worm Variants
• Increase in Severe, Easy-to-Exploit, Remotely Exploitable Vulnerabilities

The report covers trends in attacks, vulnerabilities, malicious code, and other areas.

Symantec warns of the following emerging and future trends:

-- The use of bots and bot networks for financial gain will likely increase, especially as the diverse means of acquiring new bots and developing bot networks become more prevalent.

-- Malicious code targeting mobile devices is expected to increase in number and severity. With many groups researching vulnerabilities in Bluetooth-enabled devices, the possibility of a worm or some other type of malicious code propagating by exploiting these vulnerabilities increases.

-- Symantec expects that client-side attacks using worms and viruses as propagation methods will become more common.

-- Attacks hidden in embedded content in audio and video images are expected to increase. This is worrisome because image files are ubiquitous, almost universally trusted, and an integral part of modern day computing.

-- Symantec expects security risks associated with adware and spyware will likely increase. Impending legislation to curb these risks is not expected to be an effective or sufficient deterrent on its own.

AB -- 3/21/05