Web Security Threats on the Rise, Report Finds

It may not be Tony Soprano on the Web, but a new security report finds that wise-guy hackers have become increasingly organized.

Additionally, they have more targets to hit on the Internet, according to Marc Fossi, a Symantec Security researcher. Fossi is editor of the "Symantec Global Internet Security Threat Report: Trends for 2009, Volume XV," which was released on Tuesday. The 97-page report can be accessed here.

"Once the malicious activity takes root, it's really difficult to get rid of it, and we're seeing that increasingly on the Internet," Fossi said. "As everybody gets more and more connected between different computer networks, it just increases the attack surface and more information stored on various sources becomes vulnerable or targeted."

According to the report, the U.S. is once again No. 1 with the most malicious activity on the Internet. China and Brazil came in second and third place, respectively.

Key Findings
Vulnerabilities in browser-based applications represent the fastest-rising information security flaws anywhere, the report found.

The biggest increase in malicious code was concentrated in the Europe, Middle East and Africa (EMEA) region. EMEA now leads the world in the overall volume of new viruses, worms and trojans created. The United States was found to be home to the most botnet command and control servers. It's also the most frequent target in denial-of-service attacks, according to the report.

Corrupt code, which is sold and distributed over the Internet, is becoming more widely available. Symantec found that 2.9 million new threats were developed last year in coded form. The code can become "more complex and dangerous" through additional alterations.

Malware kits, Internet threats and various client-side vectors, along with zero-day exploits, have grown. Consequently, manually patching computers to protect them from each new vulnerability is considered to be a losing battle, according to Symantec's report.

Fossi noted the emergence of do-it-yourself malware kits, including the Zeus Kit and SpyEye.

"You can create a unique binary with these kits that are professional enough to where they're selling for one hundred dollars and then be deployed," Fossi said. "You don't have to have a high degree of skill to deploy malware that is an info stealer and [it] can be configured to just lock a system."

Fossi said he's not ruling out a return of the Conficker worm, which ravaged Windows networks last year. It was the biggest worm since Blaster, which did its damage in 2003 and 2004.

"Conficker is definitely a possibility to come back, if not in its original form, in a variant or a new iteration," he said. "In the end, whether Conficker will emerge again is also a big psychology question. If you say [Conficker's authors] have moved on to something else, that's when they prove you wrong. So, yes, the possibility remains."

Best Practices
The best ways to secure an IT environment and reduce risks are to use antivirus software, firewalls and network security measures. Enterprises can initiate intrusion detection and prevention policies as well.

Fossi recommended keeping up with patch management cycles too. "Keep your browsers patched, regardless of which one you use," he said.

On top of that, there are issues with browser plug-ins and IT pros should have a strategy for managing them. The most common Web-based attack in 2009 was associated with malicious PDF activity, accounting for 49 percent of the total. Weaknesses in ActiveX are a huge issue when using Internet Explorer.

"Securing the endpoint is just as important as securing the server," Fossi explained. "With the rise of Web-based attacks, the endpoint is becoming increasingly important. Because they expand network influences, you can stumble on all types of things. Client-side vulnerabilities are being exploited more than anything else now."

About the Author

Jabulani Leffall is an award-winning journalist whose work has appeared in the Financial Times of London, Investor's Business Daily, The Economist and CFO Magazine, among others.
