Press ReleaseSource: Symantec

Symantec Looks Back at the Internet Security Trends and Threats of 2007
Monday December 17, 2007 8:00 am ET

Company Also Provides Information on Threats to Watch for 2008

CUPERTINO, CA--(MARKET WIRE)--Dec 17, 2007 --
NEWS FACTS:

Symantec (NasdaqGS:SYMC - News), the leader in Internet security, has unveiled the top Internet security trends of 2007 that impacted consumers and business. The security trends emphasize the ongoing evolution of cybercrime becoming more professional and commercial. Two key trends that summarize the findings are "topical" and "trust" -- attackers in 2007 lured computer users by using current events and trusted brands.

Source: Symantec

     
 
The top 10 Internet security trends of 2007 as tracked by Symantec Response include:

  • Bots -- Bots and botnets, otherwise known as zombie networks, continued to silently slip onto unsecured computers and perpetrate a wide variety of malicious activity. Bots knocked Estonia off the online map and the Storm worm employed bot technology as well.
     
  • Data Breaches -- High-profile data breaches underscored the importance of data loss prevention technologies and strategies.
     
  • Vista Introduction -- Microsoft Vista made its debut and attackers quickly found holes. Microsoft has already released 16 security patches to address impacts on the new operating system.
     
  • Spam -- In 2007, spam reached new and record levels. Image spam declined while PDF spam emerged as a new annoyance. Greeting-card spam was also responsible for spreading the extremely pervasive Storm worm malware (also known as Peacomm).
     
  • Professional Attack Kits -- Today's attackers are increasingly sophisticated and organized and have begun to adopt methods that are similar to traditional software. They're actually selling easy-to-use cyber fraud kits for profit, to recruit non-tech savvy larcenists to learn how to defraud victims online. MPack is just one illustration of this phenomenon.
     
  • Phishing -- Phishing continued to be a big trend in 2007 with an 18 percent increase in unique phishing sites during the first half of the year. Phishing toolkits contributed to the problem. A recent Olympic phishing scheme illustrates the topical tricks phishers use as bait.
     
  • Exploitation of Trusted Brands -- By exploiting a trusted Web environment, attackers now prefer to lie in wait for victims to come to them. These trusted brands are often regional, since national brands usually have more-protected sites.
     
  • Web Plug-in Vulnerabilities -- Web plug-in vulnerabilities and exploits continued to plague IT experts and home users during 2007. ActiveX controls comprise the majority of plug-in vulnerabilities and pose various security threats that may compromise the availability, confidentiality, and integrity of a vulnerable computer.
     
  • Vulnerabilities for Sale -- Wabi Sabi Labi debuted and offered an auction-style system for selling vulnerability information to the highest bidder, sparking controversy and discussion between competing schools of thought on how to handle vulnerability information.
     
  • Virtual Machine Security Implications -- Virtualization made big headlines in 2007 with major players going public. Security researchers are actively exploring the security implications of virtual technology.

A LOOK AHEAD AT CYBERCRIME IN 2008

Below, Symantec's team of Internet security experts has forecasted the most highly anticipated security challenges for 2008:

  • Bot Evolution -- Symantec expects bots to diversify and evolve in their behavior. For example, phishing sites hosted by bot zombies may develop.
     
  • Election Campaigns -- As political candidates increasingly turn to the Internet, it is important to understand the associated security risks of increased dependence and interdependence on technology in the election process. These risks include the diversion of online campaign donations; dissemination of misinformation about candidates positions and conduct; fraud; phishing; and, the invasion of privacy.
     
  • Advanced Web Threats -- As the number of available Web services increases and as browsers continue to converge on a uniform interpretation standard for scripting languages, such as JavaScript, Symantec expects the number of new Web-based threats to continue to increase.
     
  • Mobile Platforms -- Interest in mobile security has never been higher. As phones become more complex, and more connected, Symantec expect attackers to take advantage.
     
  • Spam Evolution -- Symantec expects to see spam continuously evolve in order to evade traditional blocking systems and trick users into reading messages.
     
  • Virtual Worlds -- Symantec expects that as the use of persistent virtual worlds (PVWs) and massively multiplayer online games (MMOGs) expands, new threats will emerge as criminals, phishers, spammers, and others turn their attention to these new communities.

GENERAL BEST PRACTICES FOR CONSUMERS TO WARD OFF CYBERCRIME

  • Don't click on links sent in suspicious emails. Always type the known URL directly into the URL window.
     
  • Never open attachments received in emails from unknown senders.
     
  • Check your credit card statements and reports regularly for fraudulent activity that may have resulted from a data breach, hack or other malicious activity.
     
  • Be extra cautious when shopping online, particularly during the busy online holiday shopping season. Look for the lock symbol and "s" in the URL -- it should read "H-T-T-P-S" -- on any page that requests a credit card number.
     
  • Maintain active Internet security protection, which includes antivirus, antispyware, firewall and identity protection. Keep operating systems (for example, Windows® XP), browsers (for example, Internet Explorer), and other applications (such as RealPlayer or iTunes) updated with the latest security patches. Remember to protect your mobile devices too.
     
  • Use digital common sense -- if something seems askew online, don't proceed.

RELEVANT LINKS

To find out more about threats facing today's Internet users, visit the following resources:

ADDITIONAL INFORMATION FOR MEDIA

Symantec Response Internet security experts are available for remote interview for your television and online video stories. Please contact us to arrange.

About Symantec

Symantec is a global leader in infrastructure software, enabling businesses and consumers to have confidence in a connected world. The company helps customers protect their infrastructure, information and interactions by delivering software and services that address risks to security, availability, compliance and performance. Headquartered in Cupertino, Calif., Symantec has operations in more than 40 countries. More information is available at www.symantec.com.

NOTE TO EDITORS: If you would like additional information on Symantec Corporation and its products, please visit the Symantec News Room at http://www.symantec.com/news. All prices noted are in U.S. dollars and are valid only in the United States.

Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.

Embedded Video Available

Embedded Video Available: http://www2.marketwire.com/mw/release_html_b1?release_id=340315


Contact:
     Contacts:
     Pamela Reese
     Symantec Corp.
     +1 (424) 750-7858
     Pamela_Reese@symantec.com
      
     Eric Lindbom
     CarryOn Communication for Symantec Corp.
     +1 (323) 988-4704
     ericl@carryonpr.com
      
Source: Symantec


Mail to Friend Email Story
Alerts Set News Alert
Printer Version  Print Story 

Copyright © 2008 Yahoo! Inc. All rights reserved. Privacy Policy - Terms of Service
Copyright © 2008 Marketwire. All rights reserved. All the news releases provided by Marketwire are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.