Yesterday, Symantec, makers of popular Norton Antivirus, have released the eleventh version of their Internet Security Threat Report providing an overview of malware and attacks seen in a period from July to December, 2006.
This report is quite long, but very interesting read that is a must for everyone concerned about Internet security. For those who don’t have time reading the full document we provide a few key findings. You can find the rest of them in a smaller version of the report.
Attacks Trends Highlights
- Microsoft Internet Explorer was targeted by 77 percent of all attacks specifically targeting Web browsers.
- Home users were the most highly targeted sector, accounting for 93 percent of all targeted attacks.
- Symantec observed an average of 63,912 active bot-infected computers per day, an 11 percent increase from the previous period.
Vulnerability Trends Highlights
- Ninety-four percent of all easily exploitable vulnerabilities disclosed in the second half of 2006 were remotely exploitable.
- Symantec documented 54 vulnerabilities in Microsoft Internet Explorer, 40 in the Mozilla browsers, and four each in Apple Safari and Opera. Mozilla had a window of exposure of two days, the shortest of any Web browser during this period.
- Symantec documented 12 zero-day vulnerabilities during this period, a significant increase from the one documented in the first half of 2006.
- Trojans accounted for 60 percent of the top 50 malicious code samples when measured by potential infections.
- Keystroke logging threats made up 79 percent of confidential information threats by volume of reports, up from 57 percent in the first half of the year and 66 percent in the second half of 2005.
A few fragments from the Future Watch section of the report:
- As is discussed in the Future Watch section of this report, attackers are moving towards staged downloaders, also referred to as modular malicious code. These are small, specialized Trojans that download and install other malicious programs such as a back door or worm. During the current period, 75 percent of the volume of the top 50 malicious code reports contained a modular component such as this.
- Symantec believes that, in the near future, phishers will expand the scope of their targets to include new industry sectors. For example, they will likely start to target a number of the secondary economies introduced through so-called massively multiplayer online games (MMOGs).
- Symantec has also observed that phishers are starting to adopt a technique known as intelligence lead phishing. This is a practice in which the phisher compromises a database or social networking site to obtain user information.