Attacks on Windows PC's Grew in First Half of 2004
By JOHN MARKOFF
FRANCISCO, Sept. 19 - A survey of Internet vulnerabilities to be
released Monday shows a sharp jump in attacks on Windows-based personal
computers during the first six months of 2004, along with a marked
increase in commercially motivated threats.
The Internet Security
Threat Report says that from Jan. 1 to June 30 there were at least
1,237 newly discovered software vulnerabilities, or flaws that could
compromise security. That translates into an average of 48 new
vulnerabilities a week.
The survey, done twice a year, is based
on monitoring by Symantec, which publishes software made to protect
computers from Internet attacks. Trends in the report mirror findings
by recent government-supported research.
The survey warns about
a significant increase in the number of "bot," or robot, networks,
which are arrays of interconnected personal computers that have been
compromised to inject large volumes of viruses, worms, spyware or spam
into the Internet. Over the first six months, the number of monitored
bot networks rose to more than 30,000, from fewer than 2,000.
represents the expansion of a black market economy in which the
creators of the bot networks sell access to them to commercial spammers
and others who wish to send information anonymously, according to the
"The authors are changing their methods," said Alfred
Huger, senior director of engineering for security response at
Symantec. "We saw a dramatic increase in electronic commerce attacks."
in the past, attackers' motivation has most frequently been ascribed to
grandstanding, it now appears that motives are increasingly financial,
according to the survey.
Electronic commerce was the industry
sought out most often, accounting for nearly 16 percent of all attacks,
according to the survey. This was a significant increase from the 4
percent reported during the previous six months and suggests a shift to
so-called phishing scams that are designed to steal confidential
information and pass it along to attackers, according to the authors of
Another trend seems to be a growing sophistication in
malicious software, Mr. Huger said. "We're seeing a professional hand
in development that was pretty startling in terms of malicious code."
networks of bot computers vary greatly in size, he said. The average
size was about 2,000 captured machines, known as zombies. But the
researchers found one network of more than 400,000 such machines.
of the networks consist of home computers connected to broadband cable
or DSL networks, but the survey established that 50 percent of the
attacks came from captured computers with Internet addresses controlled
by Fortune 500 companies.
The survey also documented more than
4,496 new Windows viruses and worms during the most recent period,
which is four and a half times the number from the corresponding period
of 2003. In January 2001, when the survey first began, it identified
only 308 malicious programs. As of June 30, the total number of
documented threats to Windows software has exceeded 10,000.
The current report was based on data collected before the recent software update that Microsoft
is releasing for Windows XP, known as SP2. The software update should
help combat Internet vulnerabilities, according to Mr. Huger.