Cybercrime's Financial And Geographic Growth Shows No Slowdown During The Global Economic Crisis

< BACK TO INFORMATION TECHNOLOGY starstarstarstarstar   Science - Information Technology Press Release
20th April 2010, 04:00pm - Views: 695

Business Company Symantec Corp. 1 image

News Release

EMBARGOED: Tuesday, 20 April, 2010 at 2.00pm (Sydney time)


Debbie Sassine

Symantec Corp.

+61 405 735 323


Cybercrime’s Financial and Geographic Growth Shows No Slowdown during the Global

Economic Crisis

Symantec blocks an average of 100 potential attacks per second in 2009 

SYDNEY, Australia – 20 April 2010 – Symantec Corp. (Nasdaq: SYMC) today released its new internet

Security Threat Report volume XV, which highlights key trends in cybercrime from 1 January 2009 to 31

December 2009.  In a year bookended by two very prominent cyber attacks – Conficker in the opening months

of the year and Hydraq at the very end – Symantec’s Internet Security Threat Report reveals continued growth

in both the volume and sophistication of cybercrime attacks.

“Attacks have evolved from simple scams to highly sophisticated espionage campaigns targeting some of the

world’s largest corporations and government entities,” said Stephen Trilling, senior vice president, Security

Technology and Response, Symantec. “The scale of these attacks and the fact that they originate from across

the world, makes this a truly international problem requiring the cooperation of both the private sector and

world governments.”

Notable trends highlighted in this year’s report include:

An increase in the number of targeted threats focused on enterprises. Given the potential for

monetary gain from compromised corporate intellectual property (IP), cybercriminals have turned

their attention toward enterprises. The report found that attackers are leveraging the abundance of

personal information openly available on social networking sites to synthesise socially engineered

attacks on key individuals within targeted companies.  Hydraq gained a great deal of notoriety at the

beginning of 2010, but was only the latest in a long line of such targeted attacks including Shadow

Network in 2009 and Ghostnet in 2008. 

Attack toolkits make cybercrime easier than ever. Cybercrime attack toolkits have lowered the bar

to entry for new cybercriminals, making it easy for unskilled attackers to compromise computers and

steal information. One such toolkit called Zeus (Zbot), which can be purchased for as little as

US$700, automates the process of creating customised malware capable of stealing personal

information. Using kits like Zeus, attackers created literally millions of new malicious code variants

in an effort to evade detection by security software.

Web-based attacks continued to grow unabated. Today’s attackers leverage social engineering

techniques to lure unsuspecting users to malicious websites.  These websites then attack the victim’s

web browser and vulnerable plug-ins normally used to view video or document files.  In particular,

2009 saw dramatic growth in the number of web-based attacks targeted at PDF viewers; this

accounted for 49 percent of observed web-based attacks. This is a sizeable increase from the 11

percent reported in 2008. 

Malicious activity takes root in emerging countries. The report saw firm signs that malicious

activity is now taking root in countries with an emerging broadband infrastructure, such as Brazil,

Business Company Symantec Corp. 2 image

Cybercrime’s Financial and Geographic Growth Shows No Slowdown during the Global Economic Crisis

Page 2 of 3

India, Poland, Vietnam and Russia. In 2009, these countries moved up the rankings as a source and

target of malicious activity by cybercriminals. The findings from the report suggest that government

crackdowns in developed countries have led cybercriminals to launch their attacks from the

developing world, where they are less likely to be prosecuted.

Other ISTR Highlights:

Malicious code is more rampant than ever.  In 2009, Symantec identified more than 240 million

distinct new malicious programmes, a 100 percent increase over 2008.   

Top threats.  The Sality.AE virus, the Brisv Trojan and the SillyFDC worm were the threats most

frequently blocked by Symantec security software in 2009.

Downadup (Conficker) still very prevalent. It was estimated that Downadup was on more than 6.5

million PCs worldwide at the end of 2009. Thus far, machines still infected with

Downadup/Conficker have not been utilised for any significant criminal activity, but the threat

remains a viable one.

Compromised identity information continues to grow.  Sixty percent of all data breaches that

exposed identities were the result of hacking. In a sign that this issue is not limited to a few larger

enterprises, the Symantec State of Enterprise Security Report 2010 reported that 75 percent of

enterprises surveyed experienced some form of cyber attack in 2009.

Another turbulent year for spam. In 2009, spam made up 88 percent of all e-mail observed by

Symantec, with a high of 90.4 percent in May and a low of 73.7 percent in February.  Of the 107

billion spam messages distributed globally per day on average, 85 percent were from botnets.  The 10

major bot networks, including Cutwail, Rustock and Mega-D now control at least 5 million

compromised computers.  Throughout 2009, Symantec saw botnet infected computers being

advertised in the underground economy for as little as US$0.03 per computer.

Applying security patches continues to be a challenge for many users. The report found that

maintaining a secure, patched system became more challenging than ever in 2009.  Moreover, many

users are failing to patch even very old vulnerabilities.  For example, the Microsoft Internet Explorer

ADODB.Stream Object File Installation Weakness was published on 23August 2003, and fixes have

been available since July 2, 2004, yet it was the second-most attacked web-based vulnerability in


Protecting the Community-at-Large

In addition to Symantec’s Internet Security Threat Report XV, Symantec today also announced its Norton

2011 beta

offerings, and several new tools in the fight against cybercrime such as Norton Safe Web for


and Norton Power Eraser. These tools will remain free and address some of today’s trickiest and

most prevalent issues related to malware infection and removal.


Symantec Internet Security Threat Report XV Microsite

Threat Landscape Overview on Slide Share

Symantec Security Response Blog

Industry Resources at

2010 State of Enterprise Security Report

2010 State of Enterprise Security on SlideShare

About the Symantec Internet Security Threat Report

The Internet Security Threat Report is derived from data collected by tens of millions of internet sensors, first-

hand research, and active monitoring of hacker communications, and it provides a global view of the state of

Internet Security.  The study period for the Internet Security Threat Report XV covers January 2009 to

December 2009.

Business Company Symantec Corp. 3 image

Cybercrime’s Financial and Geographic Growth Shows No Slowdown during the Global Economic Crisis

Page 3 of 3

About Symantec 

Symantec is a global leader in providing security, storage and systems management solutions to help

consumers and organisations secure and manage their information-driven world.  Our software and services

protect against more risks at more points, more completely and efficiently, enabling confidence wherever


news articles logo NEWS ARTICLES
Contact News Articles |Remove this article