Malicious code on the rise

A recent Symantec Internet security threat report paints a picture of an increasingly nefarious cyberspace, though one with an occasional thin silver lining.

"The Internet was founded on trust and there is very little of that trust today," said Michael Murphy, general manager of Symantec Canada in Toronto.

The report found that documented IT system vulnerabilities were up 81.5 per cent, and, alarmingly, 60 per cent of the known vulnerabilities are easily exploitable, requiring either an available tool or no tool at all.

On the upside, however, the percentage of new vulnerabilities with available exploits decreased.

Malicious code creations were up, too. Blended threats (those with multiple characteristics, such as Klez and Bugbear), which represented 80 per cent of the malicious code documented in 2002, doubled in number when compared to the same six-month period in 2001. But they were nowhere near as damaging as their 2001 counterparts Code Red and Nimda.

The lone bit of good news was that network-based cyberattacks (excluding those generated by worm activity) were down six per cent.

"I did not take that to mean we are in a kinder, gentler world now," said Eric Ogren, senior analyst in the security solutions planning service with The Yankee Group in Boston.

Regardless, Ogren says the report is helpful. "It gets people’s attention," he said. "These kinds of numbers can actually help a CIO say, ‘Are we doing enough here to protect the company?’"

One finding that surprised Ogren was the time between a vulnerability discovery and the first documented attack. "There is some time there for security companies to actually do something about it…to basically beat the script kiddies," he said. Unfortunately, end-user overwork (or apathy) often allows for a successful malicious code launch even after vendors have made patches available to stop it.


The recent SQL Slammer outbreak never would have happened if SQL Server 2000 users had patched their systems last summer when Microsoft issued the fix, Ogren said. "A patch had been around for five months."

But he also understands IT’s predicament. "Companies are really deluged with the patches that they need to apply…[so] they can’t apply them all," he added.

Murphy said he was surprised by the 80.5 per cent growth in reported vulnerabilities.

"It is significant in the sense that it is that large, and that there are now over 6,000 known vulnerabilities for which there are many exploits [available]," he said. But Murphy has at least a partial explanation for the increase. Though there are more software bugs to exploit, Murphy said the industry is looking at itself more critically than in years past, and is now more forthcoming about disclosing new vulnerabilities.

Ogren puts part of the increase down to the simple fact that code is getting more complex year after year. "I don’t think coders have got any more shoddy (with their work)," he said. In fact, he said they have improved. But at the same time, the level of communication between developers has increased, and with it the reported number of vulnerabilities.

Murphy’s overall concern is that with the huge number of vulnerabilities needing either no specific code or easily attainable code, more people can easily get into the "hacking" game.

Ogren was also surprised by the increased vulnerability of open-source code (the report mentions an increase in malicious code targeting Linux systems but does not give exact numbers), an increase he said has outpaced the growth of open-source systems. He also voiced a concern with the ability to catch these vulnerabilities.

"It is very difficult for someone to look through a large section of open-source code and say ‘Oh, this does not look right,’" he said. "You would have to depend on the vigilance of the community (to find them)."

For the time being he suggests that users be extra vigilant and know exactly where their code comes from. "Don’t necessarily take code from a friend," Ogren said.

The bi-annual report is divided into three sections: cyberattack trends, vulnerability trends and malicious code trends. One interesting statistic was the fact that attacks on Saturday and Sunday were at half the level of the rest of the week, once again proving hackers may indeed have lives.

The cyberattack data comes from Symantec’s managed security services sector, which has more than 2,000 customers worldwide. The vulnerability statistics are from its security focus database, while the malicious code statistics come from Symantec’s research center database.

The entire report is available on Symantec’s Web site.


Chris Conrath
