Symantec Report Details the Evolving Threat Landscape

Tuesday, April 05, 2011



Symantec has released the Internet Security Threat Report (ISTR) Volume 16, which lists targeted attacks, social media threats, and mobile device vulnerabilities as the top trends to monitor in the evolving threat landscape.

The report notes a dramatic increase in the exploitation of Java vulnerabilities as an attack vector, as well as an increase in the use of widely available attack toolkits.

Also highlighted in the report is a measurable increase in the use of social networks for attack distribution, particularly the use of shortened URLs to distribute malware.

The increased popularity of smartphones and tablets among consumers has also spurred an increase in the targeting of mobile devices, with a 43% increase year over year.

Also trending upwards are targeted attacks, as best exemplified by the emergence of the Stuxnet virus. Symantec predicts a continued increase in targeted attacks against both government and enterprise targets with the acquisition of sensitive information and intellectual property as the goal.

“Stuxnet and Hydraq, two of the most visible cyber-events of 2010, represented true incidents of cyberwarfare and have fundamentally changed the threat landscape. The nature of the threats has expanded from targeting individual bank accounts to targeting the information and physical infrastructure of nation states," said Stephen Trilling, senior vice president, Symantec Security Technology and Response.

Other key facts and figures in the report:

  • 286 million new threats – Polymorphism and new delivery mechanisms such as Web attack toolkits continued to drive up the number of distinct malware programs. In 2010, Symantec encountered more than 286 million unique malicious programs.
  • 93 percent increase in Web-based attacks – Web attack toolkits drove the 93 percent increase in the volume of Web-based attacks in 2010. The use of shortened URLs also impacted this increase.
  • 260,000 identities exposed per breach – This is the average number of identities exposed per breach in data breaches caused by hacking during 2010.
  • 14 new zero-day vulnerabilities – Zero-day vulnerabilities played a key role in targeted attacks including Hydraq and Stuxnet. Stuxnet alone used four different zero-day vulnerabilities.
  • 6,253 new vulnerabilities – Symantec documented more vulnerabilities in 2010 than in any previous reporting period.
  • 42 percent more mobile vulnerabilities – In a sign that cybercriminals are starting to focus their efforts on the mobile space, the number of reported new mobile operating system vulnerabilities increased, from 115 in 2009 to 163 in 2010.
  • One botnet with more than a million spambots – Rustock, the largest botnet observed in 2010, had more than one million bots under its control at one point during the year. Other botnets such as Grum and Cutwail followed with many hundreds of thousands of bots each.
  • 74 percent of spam related to pharmaceuticals – Nearly three quarters of all spam in 2010 was related to pharmaceutical products—a great deal of which was related to pharmaceutical websites and related brands.
  • $15 per 10,000 bots – Symantec observed an advertisement that listed the price for 10,000 bot-infected computers as $15 on an underground forum in 2010. Bots are typically used for spam or rogueware campaigns, but are increasingly also used for DDoS attacks.
  • $0.07 to $100 per credit card – The price for credit card data on underground forums ranged widely in 2010. Factors dictating prices include the rarity of the card and discounts offered for bulk purchases.

"The Internet Security Threat Report is derived from data collected by tens of millions of Internet sensors, first-hand research and active monitoring of hacker communications, and it provides a global view of the state of Internet Security. The study period for the Internet Security Threat Report Volume 16 spans January 2010 to December 2010."


Possibly Related Articles:
Viruses & Malware
Java malware Social Media Symantec Mobile Devices Stuxnet Headlines Cyber Warfare toolkit Targeted Attacks ISTR
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.