Symantec records 81 per cent rise in computer vulnerabilities in 2002

By Steve Malone

Posted on 3 Feb 2003 at 11:47

A record 2,524 new vulnerabilities in computer systems were discovered in 2002 according to the Internet Security Threat Report from internet security specialists Symantec. These figures show an 81 percent rise on 2001.

The increase in new vulnerabilities was driven by a steep rise (84.7 per cent) in the number of 'moderate' or 'severe' vulnerabilities reported.

Although these numbers sound alarming, Symatec says that this is in part due to an increase in the responsible disclosure movement and increased public awareness of vulnerability researchers. However, the company also warns that the increase is also due to several new methods of exploiting software bugs.

However, whilst disclosure will alert IT managers to potential problems, it will also signal opportunities to the virus writers. A prime example being the recent Slammer worm which exploited a vulnerability in SQL Server which Microsoft flagged up in July last year.

Particularly worrying, according to the report, the increased appearance of so-called `blended threats`. These are programs which can combine the characteristics of viruses, worms or Trojans and may attack several parts of a computer system at once, making them difficult to deal with and eliminate. Symantec estimates that three such blended threats - Klez, Bugbear and Opaserv - caused 80% of reports to Symantec Security Response in the second half of 2002.

Another disturbing trend are self-replicating mass mailers which represented eight of the top 50 threats the second half of 2002 compared with only one in 2001.

Nevertheless, excluding worms and blended threats, the number of cyber attacks appears to have dropped by 6 per cent towards the end of 2002.

Ten countries appeared to account for 80 percent of attacks with the biggest sincle source being the United States. Countries on the so-called Cyber Terrorist Watch List accounted for less than one percent of attacks. Attacks from South Korea increased by 62 per cent, establishing it as the second largest source of attacks. Symantec speculates that this may be due to the high penetration of broadband in that country. If true it means that IT managers will need to be ever more vigilant as broadband spreads throughout the developed world.