Today's threats change and morph within minutes and there are ever-increasing variations, said Amit Tailor, manager for sales engineering of Secure Computing, at IDC's IT Security, Storage, and Business Continuity Roadshow last week in Rosebank.
"There has been an increase in attack success, with the advent of Web 2.0 technologies exploding the threats," he said.
According to Tailor, only an average of 4% of vulnerabilities gets fixed on average, and 80% of malware are Web application exploits.
"Sixty-eight percent of malware in 2007 exposed confidential data, and there was a 500% increase in phishing," he said. "Using the Internet for malicious means has become a thriving business."
A large part of this lucrative business, explained Vitaliy Kamlyuk, senior virus analyst at Kaspersky Labs, lies in the botnet business.
A botnet, explained Kamlyuk, is a PC network consisting of infected machines.
"Criminals make use of botnets for many different reasons like distributed denial-of-service attacks, spam, phishing, ransoming, malware propagation and stealing private data.
"Bots are for sale on the Internet and be bought for a fee," he said. "You can even preview a demo and get online support if you have questions about your purchase. All of this greatly contributes to the sheer volume of threats we see today."
He also said it the business model and financial flow through a botnet ecosystem creates the certainty that Internet threats will not cease.
Kaspersky analyses packets over the Internet and identifies which are malicious so they can be traced back to the originating servers,
"Bringing such a server down by us would be illegal as it constitutes as unlawful access. Kaspersky can identify the malicious activity, but then need to pass it over to law enforcement to start an investigation."
"Kaspersky often detects viruses before they can be used for malicious means, which has led to us being accused on creating them," he concluded.
Share