The report claims network-based attacks jumped 20 percent in the last six months compared with the same six-month period in 2001. Yet, for the first time, targeted cyber-attacks declined, dropping to 21 percent in the past six months. A targeted attack is one that is directed at specific targets and does not include indiscriminate threats, such as worms or blended threat activities. Symantec didn't detect any verifiable cases of cyber-terrorism during the past 6 months.
Blended threats doubled between July and December 2002, compared to the same six-month period in 2001. An example of a blended threat is CodeRed, which exploited vulnerabilities for which vendors had already created patches before the threat emerged. Symantec claims this reinforces the need for companies to improve their security and patch management practices. Alarmingly, the discovery of computer vulnerabilities spiked 81.5 percent in 2002.
Based on these vulnerabilities, Symantec warned that a number of high-risk future threats have emerged and both commercial software vendors and those working on open source projects should be alert. Over the past year a number of open source applications were “trojanised” with back doors allowing attackers to target high profile distribution sites that had taken significant steps to protect themselves. “Rather than targeting individual systems, attackers are clearly exploring alternate ways of impacting a large number of systems in a short period of time,” the report stated.
In addition, the report found that eighty percent of all Internet attacks were launched from computers located in only 10 countries. The tier one list was headed up by South Korea, followed by Taiwan, Hong Kong and China. Symantec said Korea tops the list due to its high broadband penetration which makes it an attractive launch point for attackers throughout the world.
Power and energy industries experienced the highest rate of attack and severe event incidence compared to any other industry. Sixty per cent of targeted attacks were aimed at the power and energy industry sector. Symantec recorded 987 attacks in this sector between July 2002 and December 2002. This compared with 845 attacks in the telecommunications sector and 689 attacks on financial services.