PC users are now the weakest link in the security chain, IBM has suggested in its Security Threats and Attack Trends Report for 2005.
This has happened, the company claims, because computing systems became more secure, prompting criminals to try to by-pass them in other ways.
The overall threat level during the year was reduced from 2004, and sat at medium. With the exception of the one-off Zotob virus outbreak, the global incidence of large-scale malware was unexpectedly mild. Conventional viruses actually fell sharply, down from 6.1 percent of e-mail to only 2.8 percent.
However, underneath this lay an increase in more specialized types of attack. Information theft attempts such as phishing now made up in one in every 304 emails intercepted by the company, up from the previous year's figure of one in every 943 emails.
Users would be targeted going forward, because they presented the easiest way to initiate and cloak attacks, most of which now came from organized crime.
"What we're seeing is more directed targeted attacks, and we really think that's because of the financial motivation and the underground economy driving those things," David Mackey, IBM's director of security intelligence was reported as saying.
IBM's predictions, however worthy, tell the industry nothing new. It also mispredicted that 2005 would see a sharp increase in mobile malware. When it comes to IT security, the doomsayer is nearly always proved right -- eventually.