Report shows rise in code that attacks Windows flaws


22 Sep 2004

Windows viruses and worms have risen more than fourfold in the first half of this year, new data from Symantec has shown. Over the six months to June, the security software firm documented more than 4,496 new pieces of code designed to attack flaws in Microsoft’s operating system – more than 4.5 times the number in the same period in 2003.

Symantec, the world’s leading information security provider based on revenue, issued the findings in its newest Internet Security Threat Report. The sixth bi-annual report analyses and discusses trends in internet attacks, vulnerabilities and malicious code activity for the period of 1 January to 30 June 2004.

Other conclusions in the report show that e-commerce is the most targeted industry sector, having been victim to 16pc of all attacks detected by Symantec. The company said this rise may indicate a shift from attacks motivated by notoriety to attacks motivated by economic gain, a theory that is gaining ground in the security community. According to Symantec, the increase in phishing scams and spyware designed to steal confidential information and pass it along to attackers supports this view.

Peer-to-peer services, internet relay chat and network file sharing continue to be popular ways of spreading worms and other malicious code, Symantec found.

The report also revealed that the time between the announcement of a vulnerability in software and the release of code designed to exploit the flaw is now extremely short. This window of opportunity for hackers was 5.8 days in the past six months, said Symantec. Once the malicious code has been released, the vulnerability is often widely scanned for and quickly exploited. Symantec pointed out that this short window leaves organisations with less than a week to patch vulnerable systems.

“As this latest report demonstrates, exploits are being created more easily and faster than ever, while attackers are launching more sophisticated attacks for financial gain,” said Arthur Wong, vice-president, Symantec Security Response and Managed Security Services.

By Gordon Smith