Cyber attacks are getting smarter, warns Symantec

Number of threats is falling, but danger greater

  • E-Mail
By  Published  September 29, 2006

Cyber attacks are becoming increasingly more sophisticated even though the number of viruses and worms being written is going down, security firm Symantec warned this month.

While the number of new worms and viruses identified in the first six months of this year was just 6,700 — down from nearly 11,000 new worms and viruses identified for the last six months of 2005 — users should not get complacent, a senior executive at the company told IT Weekly last week.

“The reason for this [drop in numbers] is not that hackers are giving up. It is because they are becoming a lot more sophisticated and they are trying far more complex methods to hack organisations,” claimed Richard Archdeacon, director of the innovation team, enterprise segment, EMEA, at Symantec.

“Whereas before they would tend to use a more random type of attack, they are now becoming more focused and trying to hit organisations with very clever attack methods,” he said.

While the overall numbers of new threats had dropped, the firm said it found far fewer instances of “regurgitated” threats — ones where writers were just adapting existing malware code.

For businesses, Archdeacon said, this means “the hacker will not just launch an attack against an organisation. It will firstly put something into the organisation system, a [set] of malicious codes will just sit there and wait for a while and then it will go out and get a particular form of attack and use that,” he said.

Phishing attacks are also increasing, Archdeacon said. The number of phishing messages detected during the first six months of 2006 jumped 81% over the previous period, according to Symantec’s latest Internet Security Threat report.

Phishers are attempting to bypass filtering techniques by creating multiple randomised messages and distributing those messages in a broad, uncontrolled fashion, the report stated.

A key problem of the attacks, said Archdeacon, is that they are now multi-layered.

“The whole attack method people are now using is now interlocked so you can’t defend against one thing and ignore the other. Phishing could well be used to try and gain confidential information but also perhaps to drop down another attack weapon that could be used at a later date. All these different things, spam, phishing, virus, worms, they are all being used in conjunction now,” he said.

Home users, who are less likely to have established security measures in place, are particularly hard hit by cyber criminal attacks accounting for 86% of all targeted attacks, according to Symantec’s latest research.

Cyber attackers have also started adopting new techniques such as targeting malicious code at client-side applications, Symantec’s report warned.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code