Volume 3, Number 45 -- December 7, 2006

Phishing, Zero-Days Top Symantec's Security List

Published: December 7, 2006

by Alex Woodie

Symantec last week issued an end-of-the-year report on the state of IT security, and the findings may surprise you--or they may not, depending on how closely you've followed the security goings-on during the last 12 months. In any case, if one had to pick the two most important security trends for 2006, it would be tough to beat the meteoric rise of phishing and zero-day exploits.

Phishing, an activity engaged in by criminals to perpetrate identity theft and the financial misdeeds that inevitably follow, increased dramatically in the first half of 2006, when Symantec detected close to 900 unique phishing messages a day, an increase from nearly 500 per day over the previous six month period, the security software giant says.

A closer analysis of phishing trends reveals that phishing e-mails dip on the weekends and rebound on--of all days--Tuesdays, which Symantec took to suggest that phishers operate during standard work days (although it would be a stretch to consider them working Joes like you and me).

A quick glance at your unprotected inbox will also confirm Symantec's finding that nine of the top 10 phished brands were financial institutions. (News bulletin: if you don't have a Washington Mutual checking account, don't follow the links to change your password.) What's more, seven out of 10 spoofed brands that Symantec observed are based in the U.S., while the great state of Florida led the way among the most spoofed local brands, Symantec says.

The other major security trend involves zero-day exploits, the phenomenon you get when black hat hackers and other techno ne'er-do-wells blindside the computer-using community by launching attacks or releasing attack code blueprints on the Web on the same day on which that vulnerability is first publicly revealed to the owner of the vulnerable product (usually Microsoft), and suckers like you and me.

Symantec noted several high-profile zero-day attacks, including the Windows WMF vulnerability in late 2005 and early 2006, and several other attacks on Office products in May 2006. But Microsoft isn't the only target; a Japanese word processing product called Ichitaro was hit with two zero-day exploits, Symantec notes.

The prognosis for zero-day attacks is not good, and the situation will likely get worse before it gets better. According to Symantec, the average time it took developers to come up with a patch for a security hole was 31 days for the first half of this year. However, the average time for hackers to develop exploit code was three days, leaving, on average, a 28-day window of exposure, Symantec says.

Also included in Symantec's report was rootkit technology, a hard-to-detect way of comprising a computer system, which quickly emerged in 2005, but hasn't made many headlines in 2006. Despite the lack of press, Symantec says the use of rootkits--in particular user-mode rootkits, but also kernel-mode rootkits--has grown over the last 12 months, to the point where it is now common.

Sponsored By

Now you can go direct to Micro Focus...

Announcing direct sales, service and support
for HP and Micro Focus customers!

All versions of Micro Focus products previously sold through HP or an HP reseller are now sold, serviced and supported directly by Micro Focus.

For more information, or to talk to a dedicated HP conversion specialist:

1-800-632-6265 Option 2

Editor: Timothy Prickett Morgan
Contributing Editors: Dan Burger, Joe Hertvik,
Shannon O'Donnell, Timothy Prickett Morgan
Publisher and Advertising Director: Jenny Thomas
Advertising Sales Representative: Kim Reed
Contact the Editors: To contact anyone on the IT Jungle Team
Go to our contacts page and send us a message.

Sponsored Links

World Data Products:  FREE 84-page Unix/Midrange Server Spec Book
FreeBSD:  Advanced OS for X86 and X64, Alpha/AXP, IA-64, PC-98, and Sparc architectures
COMMON:  Join us at the Annual 2007 Conference & Expo, April 29 - May 3, in Anaheim, California


Canvas Systems
Lakeview Technology
Roaring Penguin
Micro Focus

AIX 5L V5.3 Gets Unix 03 Certification

Azul Systems Revamps Compute Appliances with 48-Core Vega2 Chip

PwC Consultants Predict an IT Talent Shortage

Mad Dog 21/21: Stay the Recourse

But Wait, There's More:

Reader Feedback on As I See It: The Other "Tude" . . . AMD Creates Two-Socket Athlon FX Variant, Demos Quad-Core Opteron . . . IBM Tweaks BladeCenter H Chassis for Telcos . . . Gartner Predicts Half of Data Centers Will Run Out of Power by 2008 . . . Disk Array Sales Keep Revving in Q3, Says IDC . . . Phishing, Zero-Days Top Symantec's Security List . . .

The Unix Guardian


The Four Hundred
The System iWant, 2007 Edition

PwC Consultants Predict an IT Talent Shortage

Saving the System i: Fight Rather Than Switch

The X Factor: You Can't Steal What's Free, But You Can Pay a Lot for Something That Isn't Worth It

The Linux Beacon
Novell Previews Open Enterprise Server 2, Delays SLES 10 SP1

Hitachi Brings BladeSymphony Blade Servers to North America

AMD Creates Two-Socket Athlon FX Variant, Demos Quad-Core Opteron

As I See It: Behavioral Redlining

Big Iron
IBM's Last, Best Shot at the Big Iron Client

Top Mainframe Stories and Vendor Announcements

Chats, Webinars, Seminars, Shows, and Other Happenings

The Windows Observer
Microsoft Completes the 'Triple Launch'

Dell Carves Out Energy-Efficient PowerEdge Server Line

Microsoft's Business Intelligence Plan for the Masses

AMD Creates Two-Socket Athlon FX Variant, Demos Quad-Core Opteron

Subscription Information:
You can unsubscribe, change your email address, or sign up for any of IT Jungle's free e-newsletters through our Web site at http://www.itjungle.com/sub/subscribe.html.

Copyright © 1996-2008 Guild Companies, Inc. All Rights Reserved.
Guild Companies, Inc., 50 Park Terrace East, Suite 8F, New York, NY 10034

Privacy Statement