As the Internet has evolved into a vast digital information and commerce hub, so too have the crimes perpetrated therein. Petty Web site vandalism and shotgun-style DoS (denial-of-service) attacks have paved the way for sophisticated data thefts and targeted phishing scams.
As reported by IDGNS, Symantec has released its most recent Internet Security Threat Report, which provides a grim reminder of just how dangerous the untamed Internet can be. The research covers the first half of 2006.
For now, Symantec reports that home users suffer the worst of cyberthieves' plots, accounting for 86 all targeted attacks. Financial services businesses follow, according to the report.
Net crooks' techniques have come a long way, making them all the more difficult to spot and track. "Symantec has identified increased attacks aimed at client-side applications, increased use of evasive tactics to avoid detection, and ... smaller, more targeted attacks focusing on fraud, data theft, and criminal activity."
Following are some of the numerical highlights from Symantec's Internet Security Threat Report, which can be downloaded from here [PDF]:
U.S. gives as good as it gets
- 6,110 - Average number of DoS attacks Symantec observed per day during the first half of 2006
- 54% - Percentage of worldwide DoS attacks targeting the U.S.
- 42% - Percentage of bot command-and-control servers in the U.S., the highest percentage of any country
- 37% - Percentage of worldwide attacks originating from the U.S., the highest of any country
- 2,249 - Number of new vulnerabilities documented by Symantec in the first half of 2006
- 18% - Increase in number of new vulnerabilities over the second half of 2005
- 47 - Number of vulnerabilities found in Mozilla browsers
- 38 - Number of vulnerabilities found in Internet Explorer
- 47% - Percentage of Web browser attacks targeting Internet Explorer, the more frequently attacked browser
- 80% - Percentage of vulnerabilities Symantec deemed "easily exploitable (up from 79%)
- 78% - Percentage of easily exploitable vulnerabilities that affected Web applications.
- 28 - Average window of exposure, in days, for enterprise vulnerabilities
- 9 - Average window of exposure, in days, for IE -- the highest of any browser
- 2 - Average window of exposure, in days, for Opera
- 1 - Average window of exposure, in days, for Mozilla
.. and patches
- 89 - Average number of days for Sun to develop patches for its OSes
- 53 - Average number of days for HP to develop patches for its OSes
- 37 - Average number of days for Apple to develop patches for its OSes
- 13 - Average number of days for Microsoft to develop patches for its OSes
- 13 - Average number of days for Red Hat to develop patches for its OSes
Trojans and viruses and worms, oh my
- 18% - Percentage of new distinct malicious code samples detected by Symantec honeypots in the first half of 2006
- 5 - Number of the top ten new reported malicious code families that were Trojans. The most prevalent for the period was the Polip virus.
- 38 - Number of the top 50 malicious code samples that were worms
- 75% - Percentage of the worms making up the volume of top 50 malicious code reports
- 6,784 - Number of new Win32 viruses and worms documented by Symantec
- 22% - Percentage of bots accounting for the top 50 malicious code reports, up from 20%
- 30 - Number of the top 50 malicious code samples that expose confidential information
Return to sender
- 157,477 - Number of unique phishing messages detected by the Symantec Probe Network in the first half of 2006
- 81% - Increase in the number of unique phishing messages since the second half of 2005
- 54% - Percentage of monitored e-mail traffic that was spam in the first half of 2006, up from 50%
- 58% - Amount of detected worldwide spam originating in the U.S.
- 8 - Number of adware programs among the top 10 reported security risks
- 3 - Number of "misleading applications" among the top 10 new security risks