Media Advisory

Symantec Internet Security Threat Report - the industry's "State of the Internet" analysis, confirms shift from hacking for fame to hacking for fortune

Online security threats are moving away from widespread, chaotic nuisances to smaller, more targeted attacks motivated by financial gain, according to findings unveiled today by Symantec in its latest Internet Security Threat Report[1].

The semi-annual global report - the most comprehensive gauge of the Internet landscape, detailed the current threat landscape; which is dominated by emerging threats such as modular malicious code[2], cybercrime[3] (through an increased use of crimeware[4]) and web browser vulnerabilities[5] and provided information for consumers on the type of Internet nasties lurking behind the screen.

Rob Pregnell, Senior Product Marketing Manager, Asia Pacific said of the findings in the Report: "Cybercrime represents today's greatest threat. Whereas traditional attack activity has been motivated by curiosity and a desire to show off technical virtuosity, many current threats are motivated by profit. They often attempt to perpetrate criminal acts, such as identity theft, extortion, and fraud for financial gain.

"What we expect to see in the near future is more diversification and sophistication of the threats used for cybercrime, as well as an increase in the theft of confidential, financial and personal information for financial gain."

The Symantec Internet Security Threat Report Vol 9's key findings include (a key findings document is available for further explanation):

- Of malicious code targeting instant messaging services, worms made up 91 percent, compared to 83 percent in the first half of 2005. One in 119 emails was determined to be phishing attempts, up from one in 125.

- Spam made up 50 percent of all monitored email traffic - a decrease over the past two reporting periods.

- Microsoft® Internet Explorer had the highest number of new vulnerabilities with 24.

- Web application vulnerabilities made up 69 percent of all vulnerabilities during this period.

- Symantec detected an average of 7.9 million phishing attempts per day, an increase of 39 percent over the first half of 2005.

- Symantec documented 6,542 new variants of Spybot, up from 6,361 in the first half of the year.

- In the last half of 2005, Symantec blocked 1.5 billion phishing attempts, a 44 percent increase over the first half of 2005.

"By tracking these trends in a comprehensive report, Symantec not only gains unparalleled insight into how attacks, vulnerabilities and malicious code is evolving but how it can be prevented," added Pregnell.

NOTE TO EDITORS// A Symantec security expert is available to discuss these findings and offer simple tips for your readers on how to make your home or small business computers safe.

--------------------------------------------------------------------------------

[1] The Report covers the six-month period from 1 July 2005 to 31 December 2005.

[2] Modular malicious code initially posses limited functionality, such as disabling antivirus software and firewalls; however, once it has infected a computer, it can download additional code that has new, potentially more damaging and malicious capabilities.

[3] Cybercrime are criminal acts that incorporate a computer or Internet component.

[4] Software designed with the intent to commit a crime.

[5] Like most software available today, they have security flaws, these fall into the category of web browser vulnerabilities

About the Internet Security Threat Report The Internet Security Threat Report is based on data collected from Symantec's Global Intelligence Network, which includes 40,000 registered sensors worldwide (via Symantec Deepsight Threat Management and Symantec Managed Security Services), monitoring network activity in more than 180 countries and tracking attack activity across the entire Internet.

Symantec gathers malicious code data along with spyware and adware reports from over 120 million client, server, and gateway systems that have deployed Symantec's antivirus products. Symantec also maintains one of the world's most comprehensive databases of security vulnerabilities, covering 13,000 vulnerabilities affecting more than 30,000 technologies from over 4,000 vendors. In addition to the vulnerability database, Symantec operates BugTraq(tm); and, the Symantec Probe Network.

These resources provide Symantec analysts with unparalleled sources of data which to identify emerging trends in attacks and malicious code activity. The Internet Security Threat Report is grounded principally on the expert analysis of this data.

Contacts:

Antoinette Trovato Public Relations Manager - Asia Pacific Symantec 02 8879 1173 atrovato@symantec.com

Anastasia Jones Max Australia 02 9954 3492 anastasia.jones@maxaustralia.com.au