Brought to you by

History of the Internet Security Threat Report

Symantec's Internet Security Threat Report has become the industry standard for enterprises and consumers who demand the most comprehensive, up-to-date information on global Internet threat activity available. Its complete analysis of network-based attacks, vulnerabilities, malicious code, and security risks combined with its astute commentary on current and future trends and recommendations for protection continue to represent an unparalleled resource for security conscious individuals and organisations around the world.

The first report was published in 2002 by Riptech, a managed security services company that would later be acquired by Symantec. At 33 pages, the report was the first of its kind to analyze actual network attack activity and discuss trends in Internet threats and attacks.

Today, the Internet Security Threat Report leverages data collected from some of the most extensive sources of Internet activity data ever available to offer a complete compendium of information unprecedented in size, scope, and clarity.

Since the first report, the threat landscape has changed dramatically. Six years ago, large blended threats and perimeter attacks took centre stage as attackers introduced the computing community to high-profile threats such as Nimda and Code Red. Motivated primarily by the desire to attract attention and gain notoriety, attackers were focusing their efforts on creating and delivering malicious code that spread faster, crippled network traffic, and made headlines.

Just 18 months later, the Internet Security Threat Report Vol. IV bore out this trend when the Bugbear, Blaster, and Welchia worms hit academic, corporate, and home user systems in succession in June 2003. The report also noted that threats were being released faster than ever, with Blaster hitting networks just 26 days after its related vulnerability was announced.

By the following report, Symantec was warning organisations and consumers of the potential for zero-day threats. Blended threats remained a significant concern, with threats to privacy and confidentiality growing at an alarming rate of 519 percent. And the primary target of attackers was financial services.

Volume VI of the Internet Security Threat Report made it clear that earlier predictions were right on target. The average vulnerability-to-exploit window was just 5.8 days-but the Witty worm appeared just two days after vulnerability disclosure. Blended threats increased by nearly 60 percent, and the industry target of choice of attackers was e-commerce. These findings resulted in one of Symantec's most significant predictions and one that would hold true until today-that attackers were no longer motivated by notoriety but by financial gain.

Six months later, the Internet Security Threat Report Vol. VII confirmed that threats to confidential information were still growing, financial services remained a top target, and phishing-which exploits confidential information in order to make a profit-had become a very serious security concern for both consumers and enterprises.

The Internet Security Threat Report Vol. VIII observed a shift corroborating earlier findings when analysts observe that attackers were moving away from large, multipurpose attacks on network perimeters and towards smaller, more focused attacks on client-side targets-often to perpetrate criminal acts such as identity theft, extortion, and fraud.

Cybercrime was the theme of the Internet Security Threat Report Vol. IX as attackers indeed launched more stealthy attacks designed to silently steal data for profit without alerting the user. Among the tools of choice in accomplishing this were bots, bot networks, and modular malicious code.

The Internet Security Threat Report Vol. X reiterated the ongoing theme of malicious code for fortune rather than fame. The report noted that attackers are now shifting their focus to end users systems, using malicious code designed not only to evade detection but also to maximise their opportunity to steal information for profit. Indeed, home users are the most targeted attack sector, accounting for 86 percent of all targeted attacks, followed by financial services.

And today, at more than 120 pages, the current volume of the Internet Security Threat Report is the most comprehensive and compelling report to date. Its content leverages data collected from a massive network of technologies across all continents and includes analysis from 1,600 security experts throughout the world. The result is one of the most thorough, complete, and accurate analyses of Internet threat activity ever offered.

As the threat landscape evolves, so too will the Internet Security Threat Report-all to help ensure that enterprises, small businesses, and consumers make the most intelligent protection decisions based on the most up-to-date, complete data available.

Venue | Agenda

Introduction

Agenda & Presentations

Venue