Article

Report: Security incidents dip, threat remains

Lawrence M. Walsh, News Writer

The number of daily security events--discernable attacks and malicious incidents--dipped in the third quarter, due in large part to the lack of major new exploits or threats, according to VeriSign's latest Internet Security Intelligence Briefing report.

According to the quarterly report, the number of daily security events were 150% higher than the same period in 2003, but slightly lower than the second quarter of this year. VeriSign compiles the report with data gleaned from its global network of managed security, payment and DNS services.

VeriSign says the dramatically higher daily event rates this year are attributable to the creativity of hackers who are honing their skills on new attack methods and the ease of modifying exploit code. "The refined skills on the part of the experts is, in turn, enabling junior hackers, a.k.a. script-kiddies, to wreak havoc much more quickly," VeriSign reported.

Reinforcing the message that patching is no longer an option, VeriSign says the release of exploits and attacks almost perfectly mirrors Microsoft's monthly release of security patches. Confirming what many enterprises are already experiencing, malware writers and hackers are expediting their reverse-engineering efforts to develop exploits faster.

"Patching can no longer be viewed as a luxury, but a requirement that must be addressed within weeks, if not days, of a [patch] release," the company warned in its report. It also measured not only attack trends,

    Requires Free Membership to View

but the elements that comprise attacks and malicious activity. One of the more interesting tidbits is a debunking of the myth that spam consumes bandwidth.
Other news stories on Internet security threats

Security threats grow increasingly malicious

So far, a banner year for attacks

By its measurements, VeriSign says spam constitutes 80% of all Internet traffic, but only consumes 21% of overall bandwidth. Legitimate e-mail accounts for 19% of volume and 73% of bandwidth, while malware consumes 1% of volume and 5% of bandwidth.

That the relative size of malware-laden e-mails is virtually indistinguishable from legitimate e-mails is troublesome. VeriSign says the average size of legitimate e-mails in Q3 was 40.9 Kb, while malware had a size of 39.8 Kb. Marc Griffiths, VeriSign's VP of security services, says this could be problematic for enterprises that filter malware based on message size. By comparison, spam's size averages to 2.79 Kb.

While phishing and other e-mail-born attacks continue to rise, VeriSign reports that e-commerce continues to grows. The volume of e-commerce activity grew 25% over the same period in 2003, showing that enterprises and consumers continue to gravitate to the Internet as a cost-savings vehicle despite the security risk.


There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: