The volume of malicious computer worms and viruses spreading via the Internet appears to have peaked, a new study indicates.
Symantec Corp. documented 2,636 new vulnerabilities last year, software flaws that violate a computer's security. That's up only 2 per cent from the 2,587 vulnerabilities reported in 2002, the Cupertino, Calif.-based on-line security company reports. In comparison, the number of vulnerabilities soared 81 per cent from 2001 to 2002.
“This marginal level of growth suggests that a plateau has been reached,” notes the firm's Internet Security Threat Report, a global analysis of computer attacks to be released Monday.
But computer users should not take any comfort in the data, warns Michael Murphy, general manager of Symantec's Canadian operations. While the increase in vulnerabilities may be slowing, the complexity of new computer bugs and the threat they pose is getting worse, he said.
“We will continue to see more vulnerabilities but they will be more complex, more difficult to find, so we won't see the same increases that we saw in previous years,” Mr. Murphy said.
Widespread software bugs of the late 1990s and early part of this decade were largely trivial and easy to combat because they attacked “low-hanging” software flaws, he said. But new computer bugs, so-called blended threats that combine the characteristics of viruses, worms and other malicious code, are “probably a little further up in the tree and very difficult without the right skill set,” he said.
The number of serious computer attacks reported rose through 2003, the study indicated. From July to year-end, about half of companies analyzed reported a serious breach, up from one-sixth in 2003. On average, seven new vulnerabilities a day were announced last year.
In February and March, hackers gummed up computer traffic around the world by releasing wave after wave of new versions of worms MyDoom, NetSky and Bagle. Last summer, three worms — Blaster, Welchia and SoBig.F — attacked millions of computers worldwide, causing an estimated $2-billion (U.S.) in damages.
Symantec's findings include:
Canada has the dubious distinction of reporting the highest number of computer attacks for each Internet user, partly because of the country's high rate of broadband Internet penetration via cable and DSL access providers. About 8 per cent of computer attacks originate in Canada. The United States holds down the No. 1 position, accounting for about 58 per cent of all attacks.
The likelihood of blended threats that exploit unpublished vulnerabilities is rising. Typically, software giant Microsoft Corp. will warn users about a software flaw and make a security patch available. Days or weeks later, a hacker-made bug will try to exploit the flaw, spreading quickly via the Internet and attacking unprotected computers. Symantec says predictions are difficult, but it expects a “zero-day” threat — a bug that targets a new, unreported flaw — is likely and may cause widespread damage.
The impact of wireless devices on security is a growing concern. Proprietary systems and low computing power make many hand-held devices immune to attack. But hand-held access to the Internet is increasing, and Symantec warns that e-mail-capable devices may act as unsuspecting conduits for computer bugs.
The report is based on data and research from more than 20,000 sources.







