Symantec reports boom in viruses and worms

By Steve Malone

Posted on 1 Oct 2003 at 09:53

The number of malicious attacks has hit an all time high in 2003. Not only are viruses and worms increasing in number, but, thanks to the Internet, are propagating at an ever faster rate.

These are the gloomy findings of the latest Internet Security Threat Report from Symantec Corporation. However, this will not come as news to companies which, Symantec says are experiencing 38 attacks per company per week compared to 32 attacks per week in 2002, a 19 per cent increase.

The biggest trend, according to Symantec are those attacks which use known vulnerabilities and malicious code. In particular, attackers are using worm techniques which expose security breaches in computers and install Trojans to orchestrate attacks in the future. The prevalence of Microsoft software in both home and business users has made it the main target for attackers as it represents the biggest number of potential victims and offers the chance to install Trojans in far greater numbers. Symantec reports over 994 new viruses and worms aimed at Win32 systems in the first half of 2003, more than double the 2002 figure of 445.

Most worrying though is the speed at which a worm can generate throughout the world, infecting machines before the antivirus companies have a chance to respond. Symantec notes that the Blaster worm at its peak was infecting up to 2,500 computers an hour and that Slammer had spread right around the world within a few hours of being detected.

The rapid world wide spread of new malicious code is still mainly through email applications. However, there is also a worrying trend in the increasing use of instant messaging or peer-to-peer applications. These kinds of attacks had risen 400 per cent over the year.

Amidst all the gloom though, there is some hope. Increased security measures taken by companies has meant that the number of 'severe' attacks has declined from 23 per cent in the first half of 2002 to 11 per cent in the equivalent quarter of 2003. Also, whilst Symantec says it had reported some 1,432 new vulnerabilities, a 12 per cent increase, at least the rate of discovery was declining.

Symantec's advice to companies remains the same. Install antivirus software on your computers, turn your machine off - or disconnect it from the Internet or network - when not needed, install a firewall, keep patches up to date and don't open unsolicited attachments.