Security Experts:

Symantec: Malicious Attacks Spiked, Vulnerabilities Dropped in 2011

Symantec Threat Report Reveals 81 Percent Increase in Malicious Attacks, Drop In Number of Vulnerabilities

In its latest threat report released on Monday, Symantec revealed that while the number of vulnerabilities fell by 20% in 2011, it saw a significant increase in the number of malicious attacks. In addition, the report notes the fact that targeted attacks are spreading to organizations of all types and sizes.

Symantec LogoVolume 17 of Symantec’s annual Threat Report spotlights a drop in vulnerabilities last year, but unfortunately the number of malicious attacks jumped by 81% and the number of Web-based attacks that the company blocked jumped by 36%. Moreover, the number of unique malware variants surpassed 400 million. In all, Symantec said it blocked more than 5 billion last year.

The drop in vulnerabilities echo recent findings in HP’s recently released 2011 Top Cyber Security Risks Report. According to HP, disclosure of new vulnerabilities in commercial applications has slowly declined since 2006, noting a drop of nearly 20 percent in 2011 from the previous year. HP warned that while newly reported vulnerabilities in commercial software applications have seen a downward trend, a large number of vulnerabilities are unaccounted for, and are therefore undisclosed to the broader security industry.

HP believes the decline in vulnerabilities is due to a number of factors, including the increase in private market for sharing vulnerabilities. In addition, HP's report notes that the proliferation of custom web applications has created a market for unique vulnerability exploits that require advanced expertise to locate and address.

Symantec’s report also shows that spam levels fell by some 20% during 2011. This, Symantec says, paints an interesting picture, as it shows that attackers are embracing the easier to use attack kits (think SpyEye) in order to target existing and often un-patched vulnerabilities. Further, these attack kits and the wide pool of potential targets explains why social networks became the spot of choice for criminals launching scams and focused attacks.

Another interesting takeaway from the report is the fact that targeted attacks are growing. Symantec notes that the number of daily targeted attacks increased from 77 per day to 82 per day by the end of 2011. Additionally, the observed targeted attacks weren’t limited to large organizations. More than 50 percent of such attacks target organizations with fewer than 2,500 employees, and almost 18 percent target companies with fewer than 250 employees. When it comes to the actual targets, 58 percent of attacks focused on employees in roles such as human resources, public relations, and sales.

Targeted Cyber Attacks Spike

Other highlights from Symantec's Internet Security Threat Report, Volume 17 include:

• Approximately 1.1 million identities were stolen per data breach on average in 2011, a dramatic increase over the amount seen in any other year.

• Hacking incidents posed the greatest threat, exposing 187 million identities in 2011 -- the greatest number for any type of breach last year.

• Mobile vulnerabilities increased by 93 percent in 2011. At the same time, there was a rise in threats targeting the Android operating system.

The full report is available here.

view counter
Steve Ragan is a security reporter and contributor for SecurityWeek. Prior to joining the journalism world in 2005, he spent 15 years as a freelance IT contractor focused on endpoint security and security training.