Symantec Internet Security Threat Report Volume XII: September, 2007

Security Incidents : Symantec Internet Security Threat Report Volume XII: September, 2007

Posted by Max on 2007/9/18 15:12:17 (731 reads)

The Symantec Internet Security Threat Report provides a six-month update of worldwide Internet threat activity. It includes analysis of network-based attacks, a review of known vulnerabilities, and highlights of malicious code. It will also assess trends in phishing and spam activity. This volume covers the six-month period from January 1 to June 30, 2007.

Over the past several reporting periods, Symantec has observed a fundamental change in the threat landscape. Attackers have moved away from nuisance and destructive attacks towards activity that is motivated by financial gain. Today’s attackers are increasingly sophisticated and organized, and have begun to adopt methods that are similar to traditional software development and business practices.

Today, the threat landscape is arguably more dynamic than ever. As security measures are developed and implemented to protect the computers of end users and organizations, attackers are rapidly adapting new techniques and strategies to circumvent them.

The ensuing changes have been evident over the first six months of 2007. Based on the data collected during that period, Symantec has observed that the current security threat landscape is characterized by the following:

Increased professionalization and commercialization of malicious activities
Threats that are increasingly tailored for specific regions
Increasing numbers of multistaged attacks
Attackers targeting victims by first exploiting trusted entities
Convergence of attack methods

Identity theft is an increasingly prevalent security issue, particularly for organizations that store and manage information that could facilitate identity theft. Compromises that result in the loss of personal data could be quite costly, not only to the people whose identity may be at risk and their respective financial institutions, but also to the organization responsible for collecting the data.

Data breaches that lead to identity theft could damage an organization’s reputation, and undermine customer and institutional confidence in the organization. Underground economy servers are used by criminals and criminal organizations to sell stolen information, typically for subsequent use in identity theft. This data can include government-issued identification numbers (such as social security numbers), credit cards, bank cards, personal identification numbers (PINs), user accounts, and email address lists.

Read the Full Report

Previous article - Next article

Other articles
2008/10/9 14:10:42 - Google Trends Used to Promote Fake Anti-Virus Software
2008/10/9 13:50:47 - Spam, Child Porn, Illegal Pharmaceuticals, and Stolen Data Make The Web Axis of Evil
2008/10/8 12:22:22 - New Anti-Phishing Service by BluePrint On National Cyber Security Awareness Month
2008/10/7 16:17:07 - Adware Released As Fake Antivirus Increases
2008/10/2 15:30:28 - Agnitum's Outpost Security Suite Pro Gains Another VB100% (on Windows Server 2008)
2008/10/2 15:21:49 - New FREE Security Tools From Verizon
2008/9/30 17:45:27 - SkyRecon Adds Anti-Virus Protection (AVP) to Its StormShield Security Suite
2008/9/30 17:32:11 - IdentitySecure, The New Identity Theft Protection Program from Affinion
2008/9/30 17:13:08 - Web Application Security Mythbusters by Cenzic Inc.
2008/9/30 17:03:58 - Disk Doctors Announces Support For The Hurricane IKE and Gustav victims

The comments are owned by the poster. We aren't responsible for their content.