News

Web Security Threats on the Rise, Report Finds

It may not be Tony Soprano on the Web, but a new security report finds that wise-guy hackers have become increasingly organized.

Additionally, they have more targets to hit on the Internet, according to Marc Fossi, a Symantec Security researcher. Fossi is editor of the "Symantec Global Internet Security Threat Report: Trends for 2009, Volume XV," which was released on Tuesday. The 97-page report can be accessed here.

"Once the malicious activity takes root, it's really difficult to get rid of it, and we're seeing that increasingly on the Internet," Fossi said. "As everybody gets more and more connected between different computer networks, it just increases the attack surface and more information stored on various sources becomes vulnerable or targeted."

According to the report, the U.S. is once again No. 1 with the most malicious activity on the Internet. China and Brazil came in second and third place, respectively.

Key Findings
Vulnerabilities in browser-based applications represent the fastest-rising information security flaws anywhere, the report found.

The biggest increase in malicious code was concentrated in the Europe, Middle East and Africa (EMEA) region. EMEA now leads the world in the overall volume of new viruses, worms and trojans created. The United States was found to be home to the most botnet command and control servers. It's also the most frequent target in denial-of-service attacks, according to the report.

Corrupt code, which is sold and distributed over the Internet, is becoming more widely available. Symantec found that 2.9 million new threats were developed last year in coded form. The code can become "more complex and dangerous" through additional alterations.

Malware kits, Internet threats and various client-side vectors, along with zero-day exploits, have grown. Consequently, manually patching computers to protect them from each new vulnerability is considered to be a losing battle, according to Symantec's report.

Fossi noted the emergence of do-it-yourself malware kits, including the Zeus Kit and SpyEye.

"You can create a unique binary with these kits that are professional enough to where they're selling for one hundred dollars and then be deployed," Fossi said. "You don't have to have a high degree of skill to deploy malware that is an info stealer and [it] can be configured to just lock a system."

Fossi said he's not ruling out a return of the Conficker worm, which ravaged Windows networks last year. It was the biggest worm since Blaster, which did its damage in 2003 and 2004.

"Conficker is definitely a possibility to come back, if not in its original form, in a variant or a new iteration" he said. "In the end, whether Conficker will emerge again is also a big psychology question. If you say [Conficker's authors] have moved on to something else, that's when they prove you wrong. So, yes, the possibility remains."

Best Practices
The best ways to secure an IT environment and reduce risks is to use antivirus software, firewalls and network security measures. Enterprises can initiate intrusion detection and prevention policies as well.

Fossi recommended keeping up with patch management cycles too. "Keep your browsers patched, regardless of which one you use," he said.

On top of that, there are issues with browser plug-ins and IT pros should have a strategy for managing them. The most common Web-based attack in 2009 was associated with malicious PDF activity, accounting for 49 percent of the total. Weaknesses in ActiveX are a huge issue when using Internet Explorer.

"Securing the endpoint is just as important is securing the server," Fossi explained. "With the rise of Web-based attacks, the endpoint is becoming increasingly important. Because they expand network influences, you can stumble on all types of things. Client-side vulnerabilities are being exploited more than anything else now."

About the Author

Jabulani Leffall is an award-winning journalist whose work has appeared in the Financial Times of London, Investor's Business Daily, The Economist and CFO Magazine, among others.

Featured

  • Microsoft Appoints Althoff as New CEO for Commercial Business

    Microsoft CEO and chairman Satya Nadella on Wednesday announced the promotion of Judson Althoff to CEO of the company's commercial business, presenting the move as a response to the dramatic industrywide shifts caused by AI.

  • Broadcom Revamps VMware Partner Program Again

    Broadcom recently announced a significant update regarding its VMware Cloud Service Provider (VCSP) program, coinciding with the release of VMware Cloud Foundation (VCF) 9.0, a key component in Broadcom’s private cloud strategy.

  • Closeup of the new Copilot keyboard key

    Microsoft Updates Copilot To Add Context-Sensitive Agents to Teams, SharePoint

    Microsoft has rolled out a new public preview for collaborative "always on" agents in Microsoft 365 Copilot, bringing enhanced, context-aware tools into Teams channels, meetings, SharePoint sites, Planner workstreams and Viva Engage communities.

  • Windows 365 Cloud Apps Now Available for Public Preview

    Microsoft announced this week that Windows 365 Cloud Apps are now available for public preview. This aims to allow IT administrators to stream individual Windows applications from the cloud, removing the need to assign Cloud PCs to every user.