Symantec Releases Six-Month Internet Security Report

In the past six months, Web application vulnerabilities increased 12 percent, malicious codes were up 20 percent, and worms and viruses increased 19 percent, according to the report.

To make things worse, the speeds of infection are increasing. The Slammer virus infected systems in about an hour, said Oliver Friedrichs, senior manager for development at Symantec Security Response. He said attackers now have years of knowledge behind them so what used to take days to propagate now takes a matter of hours.

The report also noted a dramatic increase in instant-messaging- and peer-to-peer-based threats. "Of the top 50 malicious codes, 19 were using instant messaging and peer-to-peer to populate the threat," he said.

In addition, the number of blended threats, which use different combinations of malicious code to begin, transmit and spread attacks, is on the rise. "The nature of blended threats means that once a code is in a network, it can spread using other methods," Friedrichs said.

The report also noted an increase in the number of malicious codes that install "back doors" into a company's network. "This is a gradual increase, but it may become more common as attackers realize how successful it can be," Friedrichs said.

The Internet Security Threat Report is released every six months and is culled from information Symantec gathers from its DeepSight Threat Management System and its Managed Security Service , as well as data from security vendors and end users.