Johannesburg, 20 Sep 2005
While SA is seeing an increased uptake and interest in Internet connectivity and broadband technologies, Internet security threats often go unreported and are a bigger problem than is perceived by the industry, solutions provider Symantec said yesterday.
Speaking after the group released its eighth biannual Internet Security Threat Report, Pieter van Niekerk, principal security consultant for Symantec sub-Saharan Africa, said the latest study highlights a change in the threat landscape.
During the period 1 January to 30 June 2005, data showed that attackers are moving away from large multi-purpose attacks on network perimeters toward smaller, more targeted attacks on host systems targets.
These attacks also increasingly tend to be designed with financial motives, said Van Niekerk, as was seen with the phishing attacks on Standard Bank and First National Bank in SA earlier this year.
The report shows a general increase for the six months of 2005, with the volume of phishing messages growing from an average of 2.99 million messages a day to 5.7 million.
Van Niekerk noted that the reporting period also saw an increase in malicious code for profit. New methods of using malicious code for financial gain is being observed with increased frequency - 64% of the top 50 malicious code samples reported to Symantec allowed spam relaying.
The group reported a daily average of 10 352 computers that were active in a bot network - an increase of more than 140% from the previous reporting period`s 4 348.
Van Niekerk stated that this is a serious security concern as, with increasing financial rewards, attackers are likely to develop more sophisticated and stealthier malicious code that will attempt to disable anti-virus software, firewalls and other security measures.
A rise in confidential information exposure and malicious code variants was also detected, in addition to an increase in vulnerability disclosure. Van Niekerk stated that 97% of these vulnerabilities were classified as moderate or high. Some 59% of all vulnerabilities were found in Web application technologies, marking an increase of 59% over the previous reporting period and a 109% increase over the first six months of 2004.
"Traditional defences are not enough, as the volume and severity of attacks continue to rise," he said. He added that organisations should focus on layered defence strategies to protect multi-perimeter environments, networks, data and applications.
In addition, the global report found that spam accounted for 61% of all e-mail traffic during the first six months of this year, with 51% of all spam received originating in the US. In SA, spam accounted for 70% of all e-mail traffic during this period.
According to Van Niekerk, the prevalence of modular malicious code, which downloads additional functionality, is expected to increase, while bot networks are expected to increase in number, diversity and sophistication.
He said phishing targets are likely to expand, as phishers employ increasingly sophisticated methods to avoid detection. Adware and spyware are expected to appear with increasing frequency on mobile devices and to employ stealthier technology to avoid detection.
An increase in the number of attacks and threats directed at wireless networks is likely, while voice over Internet Protocol threats are expected to emerge as more enterprises converge data and voice networks, Van Niekerk said.
Share