Blended threats increase in frequency

Blended threats, which combine the characteristics of viruses, worms, Trojan Horses and malicious code with server and internet vulnerabilities, are on the increase according to Symantec’s latest Internet Security Threat Report (ISTR).

  • E-Mail
By  Maddy Reddy Published  October 27, 2003

|~||~||~|Blended threats, which combine the characteristics of viruses, worms, Trojan Horses and malicious code with server and internet vulnerabilities, are on the increase according to Symantec’s latest Internet Security Threat Report (ISTR). Furthermore, the number of internet-based security attacks is on the rise and both instant messenger (IM) and peer-to-peer (P2P) networking applications remain vulnerable.

“Blended threats accounted for 60% of malicious code submissions in the first half of 2003, with the number increasing by 20% [compared to last year],” says Kevin Isaac, Symantec’s regional director for Middle East & Africa.

During the first half of 2003, the Symantec report reveals that overall rates of attack activity rose by 19%. Furthermore, it shows that companies experienced approximately 38 attacks per week in first six months of the year, compared to 32 per week during the same period in 2002.

The security vendor also discovered more than 994 new Win32 viruses and worms, double the 445 documented in the first half of 2002, while the recent Win.32 Blaster worm was identified as one of the year’s most virulent strains of code as it infected as many as 2,500 computers per hour, costing companies an estimated US$2 billion in downtime and data losses.

As if this were not enough, Symantec expects to see greater worm propagation in the future, both in terms of the amount of blended threats released to the wild and their severity. For instance, the report reveals that 66% of all attacks documented in the first half of 2003 utilised vulnerabilities categorised as highly severe. This, in turn, will result in the overloading of network hardware, the crippling of network traffic and widespread inability to access the internet.

Although the bulk of the data crunched by Symantec’s security response team to create the ISTR came from outside of the Middle East, the worrying increase in attacks and vulnerabilities is still relevant to the local market as it ramps up its investments in IT.

“This report is as relevant for Middle East companies as for any company elsewhere in the world. If we study the data isolated from Symantec, it is still applicable,” says Isaac. “The security dynamics for Middle East companies are no different since the internet makes us a global community and it puts us next door to anyone,” he adds.

The virus writers and hackers’ attacks on the latest technology cause further concern as threats to IM, P2P applications and even Linux mean local users may not be secure even if they deploy the latest technology. As a result, Symantec recommends local end users make technology just a part of their defenses, in addition to well thought out and communicated policies. “The biggest problem we have is diligence and due process. Companies have to do awareness programmes.

Commonsense is all well and good, but users have the right to proper training that helps them identify what viruses are and how they can protect themselves against them,” says Isaac.

“Local companies need to ensure that they put their processes and procedures in place to ensure that their infrastructure is strong and secure. Security initiatives should start with process and people management,” he adds.

However, the vendor warns that improving security practices against just local threats is not enough as 80% of all vulnerabilities are exploited remotely, according to the ISTR.

||**||

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code