Rise in Cybercrime Activity

8 March 2006

Symantec Internet Security Threat ReportTracks Notable Rise in Cybercrime Activity

80 Percentof the Top 50 Malicious Code Samples Could RevealConfidential Information

Symantec Corp. (Nasdaq: SYMC)today released its ninth volume of the Internet SecurityThreat Report, one of the most comprehensive sources ofInternet threat data in the world. The semiannual report,covering the six-month period from July 1, 2005 to Dec. 31,2005, marks an increase in threats designed to facilitatecybercrime.

While past attacks were designed to destroydata, today s attacks are increasingly designed to silentlysteal data for profit without doing noticeable damage thatwould alert a user to its presence. In the previous InternetSecurity Threat Report, Symantec cautioned that maliciouscode for profit was on the rise, and this trend continuedduring the second half of 2005. Malicious code threats thatcould reveal confidential information rose from 74 percentof the top 50 malicious code samples last period to 80percent this period.

"Cybercrime represents today sgreatest threat to consumers digital lifestyle and toonline businesses in general," said Arthur Wong, vicepresident, Symantec Security Response and Managed SecurityServices. "The unparalleled insight this report providesinto how cybercrime is happening and how it can be preventedenables Symantec to help protect the widest variety ofcustomers in the world."

The report also details thegrowing trend of attackers using bot networks, targetedattacks on web applications and web browsers, and modularmalicious code. Based on this and data from previousreporting periods, Symantec expects to see more diverse andsophisticated threats used for cybercrime as well as anincrease in the theft of confidential, financial, andpersonal information for financial gain.

Crimeware ToolsExpand Reach, Function

Cybercrime-related threats aregaining momentum through the use of crimeware, softwaretools built with the purpose of committing online scams andstealing information from consumers and businesses. AsSymantec noted in the previous Internet Security ThreatReport, attackers are moving away from large, multiplepurpose attacks against traditional security devices such asfirewalls and routers. Instead, they are focusing theirefforts on regional targets, desktops and web applicationsthat may allow an attacker to steal corporate, personal,financial, or confidential information; this informationcould then be used for additional criminal activity.

Programs that provide attackers with unauthorised controlof a computer, known as bots, also contribute to the rise incybercrime threats. While the number of bot-infectedcomputers is 11 percent lower than last period -- with anaverage of 9,163 infected systems identified each day duringthe current reporting period -- bot networks are increasinglyused for criminal activities such as denial of service(DoS)-based extortion attempts. Symantec estimates that thismeasurement is only capturing a portion of global activityand that the actual infection numbers are likely to be muchhigher. On average, Symantec observed 1,402 DoS attacks perday, a 51 percent increase over the previous reportingperiod. Symantec speculates that this growth trend willcontinue as attackers leverage an increasing number ofweb-based application and browser vulnerabilities.

In theprevious report, Symantec speculated that attacks directedat web applications would increase. During the currentreporting period, 69 percent of the vulnerabilities reportedto Symantec affected web application technologies, a 15percent increase over the previous period. Web applicationtechnologies, which rely on a browser for their userinterface, present an easier target for attackers due totheir availability over commonly allowed protocols such asHTTP.

Symantec has also seen an increase in modularmalicious code, which initially possesses limitedfunctionality but is designed to update itself with new,more damaging capabilities. Modular malicious threats oftenexpose confidential information that can then be used inidentity theft, credit card fraud, or other criminalfinancial activities. During the last six months of 2005,modular malicious code accounted for 88 percent of the top50 malicious code samples reported to Symantec, up from 77percent last period.

Additional Key Findings

- Chinaexperienced the largest increase of bot-infected computers,with 37 percent growth -- 24 percentage points above theaverage increase -- putting China behind only the U.S. inthis category. The increase is likely related to China srapid growth in broadband internet connections. China alsosaw the largest overall increase in originating attacks;such attacks increased by 153 percent over the last period,marking 72 percentage points above the average increase.Bots may be an increasing source of this activity.

-Phishing threats, which are attempts to deceive users intorevealing confidential information, continued to increaseduring the last half of 2005 while focusing on smaller,regional targets. During the last half of 2005, 7.92 milliondaily phishing attempts were identified, an increase overthe 5.70 million attempts per day in the previous reportingperiod. Symantec expects to see an increase in the number ofphishing messages and malicious code distributed throughinstant messaging services in the future.

- Symantecdocumented 1,895 new software vulnerabilities, the largesttotal recorded number of vulnerabilities since 1998. Ofthese, 97 percent were considered moderately or highlysevere and 79 percent were considered easy to exploit.

-Tohighlight the importance of applying operating system andapplication patches quickly, Symantec assessed the time ittook for attackers to compromise newly installed operatingsystems in standard deployments such as web servers anddesktops. Of the servers, Windows 2000 Server with nopatches had the shortest average time to compromise, whilepatched Windows 2003 Web Edition and both unpatched andpatched RedHat Enterprise Linux 3 were not compromised inthe testing period. Of the desktops, Microsoft Windows XPProfessional with no patches had the shortest average timeto compromise, while the same desktop system with allpatches applied as well as SuSE Linux 9 Desktop were notcompromised.

- With the increased volume ofvulnerabilities discovered, Symantec also monitored thespeed that organisations were able to patch vulnerablesystems. During this reporting period, an average of 6.8days elapsed between the announcement of a vulnerability andthe release of associated exploit code, up from six dayslast period. An average of 49 days elapsed between thedisclosure of a vulnerability and the release of avendor-supplied patch.

Consequently, enterprises andconsumers may be susceptible to potential attack for 42days, highlighting the need for users to patch systems ortake other protective measures as soon as possible. Symantecexpects that the commercialisation of vulnerability researchwill increase, with a growth in black market forums and anincrease in vulnerability information purchased for criminalpursuits.

- Symantec documented a small increase in newWin32 virus and worm variants with 10,992 this period versus10,866 last period. This trend is part of a noticeabledecline in category 3 and 4 threats (moderate and extremelyserious) and a corresponding increase in category 1 and 2threats (low and very low). The number of new Win32 virusand worm families also decreased by 39 percent -- from 170new families in the first half of 2005 to 104 this period.This suggests that malicious code developers may be choosingto modify currently circulating source code rather thandeveloping new threats from scratch.

About the SymantecInternet Security Threat Report

The Symantec InternetSecurity Threat Report provides analysis of network-basedattacks, a review of known vulnerabilities, and highlightsof malicious code and additional security risks. Employingthe Symantec Global Intelligence Network, Symantecidentifies and analyses emerging trends in Internet securityactivity. This unparalleled pool of data includes thefollowing:

- Symantec DeepSight Threat Management Systemand Symantec Managed Security Services: more than 40,000sensors monitor network activity in more than 180 countriesand comprehensively track attack activity across the entireinternet

- Symantec s antivirus solutions: more than 120million client, server, and gateway systems that havedeployed Symantec s antivirus products provide reports onmalicious code as well as spyware and adware

-Vulnerability database: covering more than 13,000vulnerabilities affecting more than 30,000 technologies frommore than 4,000 vendors, Symantec maintains one of theworld s most comprehensive databases of securityvulnerabilities

- BugTraq: one of the most popular forumsfor the disclosure and discussion of vulnerabilities on theInternet, with more than 50,000 subscribers

- SymantecProbe Network: a system of more than two million decoyaccounts, attracting email messages from 20 differentcountries around the world, allowing Symantec to gaugeglobal spam and phishing activity The full report isavailable for download from www.symantec.com. Broadcastmedia can download multimedia fromwww.thenewsmarket.com/symantec. About Symantec

Symantec is the world leader in providing solutions tohelp individuals and enterprises assure the security,availability, and integrity of their information. Headquartered in Cupertino, Calif., Symantec has operationsin more than 40 countries. More information is available atwww.symantec.com.

ENDS
THIS ISSUE Lead NZ News NZ Politics World News FeaturesNew Zealand News NEW ZEALAND LEAD: Arts: The Making of The Holy Sinner - This NZ International Arts Festival sees a revival of the acclaimed New Zealand production The Holy Sinner - also a return to theatre for Marie Adams and Mike Mizrahi's Inside Out Productions after more than a decade creating large-scale commercial and public events. Mike Mizrahi spoke to Scoop about coming back to theatre and The Holy Sinner and bringing Inside Out's lavish production skills and storytelling techniques to the indoor stage in New Zealand. Arts Festival Preview: The Holy Sinner's Mike Mizrahi

Industrial Espionage: APN Caught Eavesdropping on its Employees - The Engineering, Printing and Manufacturing Union (EPMU), which represents staff at APN newspapers, raised the complaint with police when phone records showed unauthorised calls were made into weekly phone conferences with staff delegates. The unauthorised calls allegedly came from a number used by APN daily The Hawke's Bay Today and APN's regional offices in Hastings. Suspicion Inhibits Journalists In New Zealand

Defence: Jerry Mateparae Takes The Top Job - Today the Prime Minister Helen Clark and Defence Minister Phil Goff announced that Major General Jerry Mateparae will be the new chief of the New Zealand Defence Force, and be promoted to the rank of Lieutenant General. Major General Mateparae will serve in the position for three years from 1 May, replacing Air Marshal Bruce Ferguson. Helen Clark and Phil Goff also announced the appointment of Major General Lou Gardiner as Chief of Army, and Air Commodore Graham Lintott as Chief of Air Force. See... Scoop Audio: New NZDF Chief Faces The Media ALSO:NZ Govt - Government appoints new Defence Force ChiefsMaori Party - Maori Party congratulates Major General Mateparae

Kiwi Pride: PM Praises SPFX Wizards - Prime Minister and Minister of Arts, Culture and Heritage Helen Clark congratulated the New Zealand-based films which won Oscars at the 2006 Academy Awards. Helen Clark said it was a vote of confidence in New Zealand's strong film industry that movies filmed here won four major awards at the Academy Awards ceremony this evening. See... Congratulations for Oscar wins ALSO: National - Brash applauds Oscar successes Sport: Ulmer Forces Wellingtonians Out Into Summer Sun - Yesterday Wellington blew away its unseasonable Saturday chill, replacing it with a balmy gleam for Sunday, the day of the women's world cup cycling race. The large turnout of Wellingtonians to cheer the cyclists on may have been related to the summery weather, but more likely it was down to the race's strong favourite, the omnipresent lightning-fast legendarily-cute solid-gold Olympian, Sarah Ulmer. See... Sarah Ulmer - Two-wheeled lightning

Scoop Column: Parliament's Spirit Flourishes In Noble Game - On Friday, in Wellington's scenic Botanic Gardens, a titanic struggle on the cricket oval raged between MPs and staff drawn from New Zealand's diplomatic community. This tussle involved a number of MPs from the two main parties united in a grand coalition aimed at maintaining parliamentary cricketing honour. These men (for they were all chaps) - of differing political persuasions - were moulded into a disciplined fielding unit through the quiet leadership of New Zealand First MP Brian Donnelly. A Week Of It: Howzat! Cricket Playing MP Action

MORE HEADLINES:Fire-breather to Incinerate Libz Census Forms NZ Branch to Study Peak Oil Top Talent In NZ's Biggest Short Film Festival Mediacom Marketing Digest - 6 March 2006 Schizophrenia Study Highlights Costs for Carers

SCOOP REPORTS: Arts: NZ International Arts Festival Opening Weekend - Opening night of the New Zealand International Arts Festival. There's a sense of importance and occasion among the crowd at the St James, even if some of them were not sufficiently awed to remember to turn their cell phones off. This is serious fun. See... Arts Festival Review: The History Boys FOR MORE SCOOP REVIEWS:SCOOP FULL COVERAGE: Festival 2006

MORE Scoop Reports: Alastair Thompson - Scoop Images: It's High Noon For Linda Clark Scoop Column - A Week of It: Radio NZ Ructions - Air NZ AdvisoriesSelwyn Manning - Soft-Criticism Of Unappreciative U.S. Fair CommentKevin List - Parties Positions On Sacking Of Air NZ WorkersSelwyn Manning - PM's Office Announced Abizaid's Visit Too Early ALSO:FULL COVERAGE: Festival 2006

SCOOP VIDEO & AUDIO: While you are here, take a look at Scoop's new advertisement! Don't Swallow Just Anything!

RECOMMENDED AUDIO: Scoop Audio: Selwyn Manning & Simon Pound discuss Labour's list MP Marian Street, and Winston Peters' 'soft criticism' of the U.S. Scoop Audio: Kevin List on Active Radio discussed: Who is to blame for engineer job losses at Air New Zealand -- And the Unsworth 800 Buck Black Book Scoop Audio: Selwyn Manning discussed on Radio Adelaide today: Winston Peters' MFAT 5-year-plan; South Park's "Offensive" Bloody Mary episode; how 22,500 Kiwis left for Australia last year; and a Youth Rates bill designed to abolish discrimination against youth in the workplace is to be read in Parliament today. Scoop Audio: Press Club Lap Up Greens Scoop Audio: PM's Presser - Answers Historical Questions On Benson-Pope Allegations, ALSO: U.S. 'Arab-Friendly' General Coming To NZ!!!

RECOMMENDED VIDEO: Video: Youth Workers Mobilised On Wage Campaign Trail - Political Movement 2006-Style: Over 1000 fast food workers, mobilised by Unite Union, supported by the CTU and affiliated unions, the Maori Party, Green Party - a burgeoning youth political movement is demanding that the minimum wage be increased to $12 per hour. The SuperSizeMyPay.Com campaign began concentrating on fast food retailers and is poised to expand out into all low wage sectors. Scoop Video: Unite Mobilises Youth In Minimum Wage Push

Click here for Scoop's Audio and Video pageQuick Retirement CalculatorTarget 110 000 ConsumersNZ REAL ESTATE OnlineBook Cheap FLIGHTS OnlineCalculate YOUR NETWORTHTRAVEL: Packages & Deals!MORTGAGE Calculators #this_text { text-align: left; vertical-align: middle;}#this_text a { font-family: "Verdana", sans-serif; font-size: 80%; color: #943517; text-decoration: underline;}#this_text a:hover { font-family: "Verdana", sans-serif; font-size: 80%; color: blue; text-decoration: underline;}The best JOBS are @ SEEK THE WIRES Scoops Parliament Politics World Business Sci-Tech Culture Education Regional Health SEARCH _m1svt='');

Related Articles

• Smart Style Selects Continuent Clustering for MySQL
  Wednesday, 15 February 2006



• Nokia and MySQL Collaborate on Next Generation Telecommunication Subscriber Registers
  Wednesday, 15 February 2006



• SCO Exhibits MySQL on SCO OpenServer and Digital Services Leadership at Retail Industry's Largest Show
  Tuesday, 17 January 2006



• Apache Declares Cash Dividends on Common and Preferred Shares
  Sunday, 1 January 2006



• Boeing Delivers First Apache Combat Helicopter for Japan and Lockheed Martin Prepares to Deliver Two More New C-130J Aircraft
  Tuesday, 27 December 2005



• Run Your Own Web Server Using Linux & Apache -- SitePoint's Latest Release
  Sunday, 18 December 2005



• Alcatel Selects MySQL Cluster for its Multi-Access Data Server Platform
  Monday, 5 December 2005



• SCO Partners With MySQL AB
  Sunday, 4 September 2005



• "MySQL in a Nutshell": New Quick Reference Leads to Faster, More Productive Queries
  Sunday, 15 May 2005



• MySQL CEO Marten Mickos to Present Next Wave of Affordable Database Adoption at the MySQL Users Conference
  Wednesday, 20 April 2005



• Embarcadero Technologies Offers Most Comprehensive Data Lifecycle Management Solution for MySQL Network
  Tuesday, 19 April 2005



• 2004-2005 MySQL Partner Awards
  Wednesday, 30 March 2005



• MySQL Manager 3 Immediately Available
  Friday, 18 March 2005



• Dot Hill Systems Corp. and MySQL AB Join Multivendor Support Alliance
  Thursday, 3 March 2005



• MySQL Appoints Mark Burton Executive Vice President of Worldwide Sales
  Sunday, 30 January 2005