Malicious code on the rise

A recent Symantec Internet security threat report paints a picture of an increasingly nefarious cyberspace, though one with an occasional thin silver lining.

"The Internet was founded on trust and there is very little of that trust today," said Michael Murphy, general manager of Symantec Canada in Toronto.

The report found that documented IT system vulnerabilities were up 81.5 per cent, and, alarmingly, 60 per cent of the known vulnerabilities are easily exploitable, requiring either an available tool or no tool at all.

On the upside, however, the percentage of new vulnerabilities with available exploits decreased.

Malicious code creations were up, too. Blended threats (such as Klez and Bugbear, those with multiple characteristics), which represented 80 per cent of the malicious code documented in 2002, doubled in number when compared to the same six-month period in 2001. But they were nowhere near as damaging as their 2001 counterparts Code Red and Nimda.

The lone bit of good news was tat network-based cyberattacks (excluding those generated by worm activity) were down six per cent.

"I did not take that to mean we are in a kinder, gentler world now," said Eric Ogren, senior analyst in the security solutions planning service with The Yankee Group in Boston.

Regardless, Ogren says the report is helpful. "It gets people’s attention," he said. "These kinds of numbers can actually help a CIO say, ‘Are we doing enough here to protect the company?’"

One finding that surprised Ogren was the time between a vulnerability discovery and the first documented attack. "There is some time there for security companies to actually do something about it…to basically beat the script kiddies," he said. Unfortunately end user overwork (or apathy) often allows for a successful malicious code launch even after vendors have made patches available to stop them.

YOU MIGHT WANT TO PATCH THAT

The recent SQL Slammer outbreak never would have happened if SQL Server 2000 users had patched their systems last summer when Microsoft issued the fix, Ogren said. "A patch had been around for five months."

But he also understands IT’s predicament. "Companies are really deluged with the patches that they need to apply…[so] they can’t apply them all," he added.

Murphy said he was surprised by the 80.5 per cent growth in reported vulnerabilities.

"It is significant in the sense that it is that large, and that there are now over 6,000 known vulnerabilities for which there are many exploits [available]," he said. But Murphy has at least a partial explanation for the increase. Though there are more software bugs to exploit, Murphy said the industry is looking at itself more critically than in years past, and is now more forthcoming about disclosing new vulnerabilities.

Ogren puts part of the increase down to the simple fact that code is getting more complex year after year. "I don’t think coders have got any more shoddy (with their work)," he said. In fact, he said they have improved. But at the same time, the level of communication between developers has increased, and with it the reported number of vulnerabilities.

Murphy’s overall concern is that with the huge number of vulnerabilities needing either no specific code or easily attainable code, more people can easily get into the "hacking" game.

Ogren was also surprised by the increased vulnerability of open-source code (the report mentions an increase in malicious code targeting Linux systems but does not give exact numbers), one he said has outpaced the growth of open-source systems. He also voiced a concern with the ability to catch these vulnerabilities.

"It is very difficult for someone to look through a large section of open-source code and say ‘Oh, this does not look right,’" he said. "You would have to depend on the vigilance of the community (to find them)."

For the time being he suggests that users be extra vigilant and know exactly where their code comes from. "Don’t necessarily take code from a friend," Ogren said.

The bi-annual report is divided into three sections: cyberattack trends, vulnerability trends and malicious code trends. One interesting statistic was the fact attacks on Saturday and Sunday were at half the level of the rest of the week, once again proving hackers may indeed have lives.

The cyberattack data comes from Symantec’s managed security services sector, of which Symantec has more than 2,000 customers worldwide. The vulnerability statistics are from its security focus database, while the malicious code statistics come from Symantec’s research center database.

The entire report is available on Symantec’s Web site.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Chris Conrath

Computerworld
Show Comments

Father’s Day Gift Guide

Brand Post

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Luke Hill

MSI GT75 TITAN

I need power and lots of it. As a Front End Web developer anything less just won’t cut it which is why the MSI GT75 is an outstanding laptop for me. It’s a sleek and futuristic looking, high quality, beast that has a touch of sci-fi flare about it.

Emily Tyson

MSI GE63 Raider

If you’re looking to invest in your next work horse laptop for work or home use, you can’t go wrong with the MSI GE63.

Laura Johnston

MSI GS65 Stealth Thin

If you can afford the price tag, it is well worth the money. It out performs any other laptop I have tried for gaming, and the transportable design and incredible display also make it ideal for work.

Andrew Teoh

Brother MFC-L9570CDW Multifunction Printer

Touch screen visibility and operation was great and easy to navigate. Each menu and sub-menu was in an understandable order and category

Louise Coady

Brother MFC-L9570CDW Multifunction Printer

The printer was convenient, produced clear and vibrant images and was very easy to use

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Featured Content

Product Launch Showcase

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?