The dangerous and wild Internet

Security firm Symantec has released it’s 11th Internet Security Threat Report, and if accurate (no reason to doubt that it is), it makes for some very grim reading indeed. I have taken some key findings from the summary which warrant highlighting:

  • Symantec recorded an average of 5,213 denial of service (DoS) attacks per day, down from 6,110 in the first half of the year.
  • Microsoft Internet Explorer was targeted by 77 percent of all attacks specifically targeting Web browsers.
  • Symantec observed an average of 63,912 active bot-infected computers per day, an 11 percent increase from the previous period.
  • China had 26 percent of the world’s bot-infected computers, more than any other country.
  • Israel was the highest ranked country for malicious activity per Internet user, followed by Taiwan and Poland.
  • Seventy-eight percent of malicious code that propagated did so over SMTP, making it the most commonly used propagation mechanism.
  • Malicious code using peer-to-peer to propagate rose from 23 percent of all propagating malicious code in the first six months of 2006 to 29 percent in the last half of the year.
  • The Symantec Probe Network detected a total of 166,248 unique phishing messages, a six percent increase over the first six months of 2006. This equates to an average of 904 unique phishing messages per day for the second half of 2006.
  • Between July 1 and December 31, 2006, spam made up 59 percent of all monitored email traffic. This is an increase over the first six months of 2006 when 54 percent of email was classified as spam.

These are worrying figures indeed, but they serve to make the case that the Internet is becoming a huge financial and security threat. To me the most worrying data from the report has to do with the volume of spam, and with the amount of zombie computers online. When more than half of the world’s email is spam, and when most viruses spread this way, you know that there is a serious problem and that something needs to be done. So far, the regulatory solution has been to legislate, but the efforts have been rather useless due to the international nature of the Internet.

Most worrying, the report calculates that during the period of study, they counted more than 6 million machines infected by bots. This is particularly tied to the problem of spam, as infected machines are taken over to serve unsolicited messages. A global army of six million zombies can do a lot of damage, and guess what? It is doing a lot of damage! The report does not call for regulatory solutions, but for technical ones. The proposed solution to the bot problem could be for ISPs to filter known bot traffic, which would considerably hinder the network. One problem with this is that the bot-owners will start changing their traffic patterns, and maybe even encrypting communications.

I may be feeling bleak today, but this report depressed me. *Think happy thoughts, think happy thoughts*

Leave a Reply