The New York Times The New York Times Technology Find your dream vacation home

NYTimes: Home - Site Index - Archive - Help

Welcome, vsauter2 - Member Center - Log Out
Site Search:  


Do you have a minute?   See what A.O. Scott has to say about Kim Basinger’s new movie “Cellular.”

Watch the Movie Minute now.
Find showtimes in your area.

Attacks on Windows PC's Grew in First Half of 2004


Published: September 20, 2004

Email This Article E-Mail This Article
Printer Friendly Format Printer-Friendly Format
Most E-mailed Articles Most E-Mailed Articles
Reprints & Permissions Reprints & Permissions



Computers and the Internet

Computer Software


Computer Security

SAN FRANCISCO, Sept. 19 - A survey of Internet vulnerabilities to be released Monday shows a sharp jump in attacks on Windows-based personal computers during the first six months of 2004, along with a marked increase in commercially motivated threats.

The Internet Security Threat Report says that from Jan. 1 to June 30 there were at least 1,237 newly discovered software vulnerabilities, or flaws that could compromise security. That translates into an average of 48 new vulnerabilities a week.

The survey, done twice a year, is based on monitoring by Symantec, which publishes software made to protect computers from Internet attacks. Trends in the report mirror findings by recent government-supported research.

The survey warns about a significant increase in the number of "bot," or robot, networks, which are arrays of interconnected personal computers that have been compromised to inject large volumes of viruses, worms, spyware or spam into the Internet. Over the first six months, the number of monitored bot networks rose to more than 30,000, from fewer than 2,000.

This represents the expansion of a black market economy in which the creators of the bot networks sell access to them to commercial spammers and others who wish to send information anonymously, according to the survey.

"The authors are changing their methods," said Alfred Huger, senior director of engineering for security response at Symantec. "We saw a dramatic increase in electronic commerce attacks."

Whereas in the past, attackers' motivation has most frequently been ascribed to grandstanding, it now appears that motives are increasingly financial, according to the survey.

Electronic commerce was the industry sought out most often, accounting for nearly 16 percent of all attacks, according to the survey. This was a significant increase from the 4 percent reported during the previous six months and suggests a shift to so-called phishing scams that are designed to steal confidential information and pass it along to attackers, according to the authors of the report.

Another trend seems to be a growing sophistication in malicious software, Mr. Huger said. "We're seeing a professional hand in development that was pretty startling in terms of malicious code."

The networks of bot computers vary greatly in size, he said. The average size was about 2,000 captured machines, known as zombies. But the researchers found one network of more than 400,000 such machines.

Many of the networks consist of home computers connected to broadband cable or DSL networks, but the survey established that 50 percent of the attacks came from captured computers with Internet addresses controlled by Fortune 500 companies.

The survey also documented more than 4,496 new Windows viruses and worms during the most recent period, which is four and a half times the number from the corresponding period of 2003. In January 2001, when the survey first began, it identified only 308 malicious programs. As of June 30, the total number of documented threats to Windows software has exceeded 10,000.

The current report was based on data collected before the recent software update that Microsoft is releasing for Windows XP, known as SP2. The software update should help combat Internet vulnerabilities, according to Mr. Huger.

Subscribe Today: Home Delivery of The Times from $2.90/wk.

.A Computer With the IPod's Bloodlines (September 16, 2004) 
.Yahoo to Challenge iTunes With New Acquisition (September 15, 2004) 
.The Customer Relationship Expert Takes a Dose of Its Own Medicine  (September 13, 2004)  $
.TECHNOLOGY; Speech Code From I.B.M. To Become Open Source  (September 13, 2004)  $
Find more results for Computers and the Internet and Computer Software

. Digital Domain: The New Silicon Valley: A Dog-Eat-Dog World
. Fear and Laptops on the Campaign Trail
. Download, Peel and Stick, and All the World's a Gallery
. Why We Fear the Digital Ballot
Go to Technology

IBM Middleware for integration. That's On Demand Business.

AT&T CallVantage Cable/DSL home calling

Free Avaya IP Telephony white paper