‘Blended threats are a serious issue’
In its latest Internet Security Threat Report Symantec
says that the increasing prevalence of blended threats, which use a combination
of malicious code and vulnerabilities to launch a cyber attack, remains one
of the most significant security issues companies face this year. Blended threats
accounted for 60 percent of malicious code submissions in the first half of
2003, and the number of blended threats increased by 20 percent. Blended threats
continue to be the most frequently reported threat.
The speed of propagation of blended threats is also
increasing. For example, the Slammer worm impacted systems worldwide in less
than a few hours. Moreover, for a time, the recent Blaster worm was infecting
as many as 2,500 computers per hour. Symantec expects to see greater worm propagation
resulting in overloads to network hardware, crippling network traffic, and seriously
preventing both individuals and businesses from using the Internet.
With the release of the current report, Symantec provides
analysis of attacker vulnerability preferences for the first time. This new
analysis shows that 64 percent of all new attacks targeted vulnerabilities less
than one year old. Additionally, 66 percent of all attacks documented in the
first half of 2003 utilized vulnerabilities categorized as highly severe.
Recent activities support Symantec's analysis that
the time from discovery to outbreak continues to shorten significantly. The
W32.Blaster blended threat occurred only 26 days after the vulnerability was