Symantec releases Internet threat report
Symantec Internet Security Threat Report reveals attackers using ‘abuse of trust’ methods to relieve victims of confidential information
The latest Internet Security Threat Report (ISTR), Volume XIII released today by Symantec in India concludes that the Web is now the primary conduit of attack activity, as opposed to network attacks, and that online users can increasingly be infected simply by visiting everyday Web sites. The report is derived from data collected by millions of Internet sensors, first-hand research and active monitoring of hacker communications and provides a global view of the state of Internet security.
“Users are often the weakest link in Internet security. Attackers can compromise the end user to steal confidential data from them. This can include personal information, corporate information stored insecurely on the end user’s computer, or account credentials the attacker can use to launch additional attacks,” said Prabhat Singh, Director, Symantec Security Response and Managed Security Services, “The use of social networking Web sites in phishing attacks is symptomatic of the trend toward targeting people rather than computers.”
Specific to India, Symantec has observed that malicious activity in the form of worms, viruses and Trojans is on the rise. More than 65 percent of malicious attacks in India were through worms as compared to the global average of 22 percent. This is a clear indication that basic security patch updates are not being installed by users. Malicious code propagation vectors like file sharing/executables were behind the high proliferation of viruses in India. Symantec also observed that rampant software piracy in India aided the spread of malware by the file sharing/executables mechanism.
According to the report, majority of phished Web sites that were detected globally during this reporting period spoofed social networking sites. This is a sign of caution for India too, since according to a recent industry report nearly 5-6 million Indians are actively involved in social networking and spend approximately 25-75 percent of their time online in social networking activities. They can become easy preys to ‘abuse of trust’ tactics.
“The sale of malicious services, outsourcing of resources such as phishing hosts and spambots, and bulk pricing are signs of a robust economy. These factors in the underground economy indicate that “business is booming,” said Vishal Dhupar, Managing Director, Symantec India, “So lucrative is the underground economy that organizations and individuals operating within it appear willing and able to change their business models or adopt new ones in response to changes in the threat landscape.”