Viruses keep on growing

The volume of worms and viruses is increasing, but the rate of successful attacks has dropped, according to Symantec.

2 min read
The volume of worms and viruses is increasing, but the rate of successful attacks has dropped, according to a new report from Symantec.

The antivirus company's biannual Internet Security Threat Report found that 4,496 new Windows viruses and worms were released between January and June, up more than 4.5 times from the same period last year. But the daily volume of actual attacks decreased in the first six months of 2004, Symantec said.

From January through June, 1,237 new vulnerabilities were discovered, with 70 percent in the easy-to-exploit category and 96 percent considered moderate or highly severe. Nearly 39 percent of the total volume of attacks were linked with Web applications.

Slammer worm was the most common attack, with 15 percent of attacking IP addresses performing an attack related to Slammer. Gaobot, also known as Agobot, and its variants increased by more than 600 percent over the past six months and took second place, the company said.

E-commerce was the single most targeted industry, with nearly 16 percent of attacks directed against it, compared with 4 percent reported during the previous six months. Symantec said the rise could possibly be due to attacks motivated by economic gain, reflected to a rising number of phishing scams and spyware. Small businesses were targeted next.

"Exploits are being created more easily and faster than ever, while attackers are launching more sophisticated attacks for financial gain," Arthur Wong, vice president of Symantec's Security Response and Managed Security Services units, said in a statement.

The security software maker said Web application technologies have emerged as attractive targets for attacks, as they are widely used in businesses and can be attacked with relative ease. Nearly 82 percent of Web application vulnerabilities were classified as easy to exploit, Symantec said.

The average number of bots jumped from 2,000 to 30,000 a day. The number of different variants of bots is rising, increasing by 600 percent over the past six months, through peer-to-peer services, Internet relay chat and network file sharing. Adware is becoming problematic, accounting for half of the malicious code submissions.

The software maker said attacks targeted at firewalls, routers and other security devices are likely to go up in future. There may also be more bot networks that employ sophisticated techniques usually difficult to detect and locate. Symantec also expects to see port knocking, which may be used by attackers to create direct connections to potential target systems.