ZDNet UK

CNET NETWORKS UK BUSINESS SITES:
atlarge.com
BNET UK
silicon.com
SmartPlanet.com
ZDNet.co.uk

ZDNet.co.uk - Winner of Best Business Website 2007

You are here: ZDNet.co.uk > News > Security

Security threats Toolkit

Hackers are after your money, warns Symantec

Abby Dinham ZDNet Australia

Published: 21 Sep 2004 09:40 BST

E-commerce has emerged as the "single most targeted industry" according to the latest Internet Security Threat Report from security software provider Symantec, with hackers now appearing to be motivated by economic gain rather than notoriety.

The bi-annual report traced Internet attack trends from 1 January to 30 June this year, it said, also studying vulnerabilities and malicious code activity in more than 180 countries.

The managing director of Symantec, John Donovan, said the latest report demonstrates that exploits are being created faster than ever. However, he told ZDNet Australia today the increase is attributed more to a rise in threat variants than new viruses.

"We have certainly seen variants before but not at this rate," he said, "generally the number of standard viruses is the same."

Donovan said the focus on e-commerce by hackers "illustrates the basic shift in the style of code that is being created".

"We have seen a pretty rapid shift in the style of threats by hackers as they focus more on key-logging and phishing scams for financial gain," he said.

"Companies using e-commerce also retain a lot of data about customers, account numbers and personal information, and a lot of smaller businesses conducting transactions online don't put the money into security, so they become easy targets," said Donovan.

According to Donovan, many small businesses still do not have an "appropriate level of security".

The report found that e-commerce accounted for 16 percent of all the attacks registered, marking an increase of 300 percent from the 4 percent it accounted for in the previous report.

According to Symantec, attacks against Web application technologies have also become popular in the last six months. The company said the applications are "appealing targets for hackers", due to their "widespread deployment within organisations and the relative ease with which they can be exploited".

"Web applications allow attackers to gain access to the target system simply by penetrating one end-user's computer, bypassing traditional perimeter security measures," Symantec said in a statement released on Tuesday.

Donavan singled out Internet Explorer as featuring among the most targeted Web applications by hackers.

"Applications like Internet Explorer are often deployed and then patches are not thought about for them, making them an easy target," he said. "People tend to focus more on Web site attacks and email but Web application vulnerabilities are not high profile."