Black Hats are Winning, Symantec Says

Traditional security technologies are losing the battle against the black hats and malicious code writers, according to digital security specialists Symantec.

In a mid-year review of their technology security risks and predictions made early in 2010, Symantec has warned that there are simply too many new cyber threats out there for traditional automated systems to catch.

The review said Symantec created 2,895,802 new malicious code signatures last year alone, a 71 per cent increase over 2008 and representing more than half of all malicious code signatures ever created by the security firm. Symantec said they identified more than 240 million distinct new malicious programs, a 100 per cent increase over 2008. (See also "The 50 Riskiest Cities for Cybercrime in America.")

"In just the first half of the year, we have created 1.8 million new malicious code signatures and identified more than 124 million distinct new malicious programs." the report said. "This means it is becoming less likely that traditional security technologies will catch every new threat out there; there are simply too many of them, even with automated systems in place.

Not just capture and analysis

"Technology that does not rely on capturing and analysing a threat in order to protect against it, like Symantec's Reputation-Based Security, is indeed becoming imperative. Other methods that are also playing a key role in combating today's most pervasive threats are heuristic, behavioural and intrusion prevention technologies."

Symantec's country manager, Singapore, Tan Yuh Woei, said other predicted digital security threat strategies on the rise included:

Phishing attacks: Through the first half of this year, about one in every 476 e-mails included a phishing attack.

"What makes these attacks even more dangerous is that they are completely operating system agnostic," said Tan. "In a world that is becoming less centralised around the PC, phishing allows cyber criminals to take advantage of computer users regardless of what platform they are operating on."

Shortened URLs: At its peak in July 2009, 9.3 per cent of spam included some form of shortened hyperlink provided by one of the many free online shortening services; this is equivalent to more than 10 billion spam e-mails each day, worldwide.

Historical peak in spam

"In April of 2010, however, this peak figure nearly doubled to 18.0 per cent of spam, the current historical peak," Tan said.

Social networking apps: This is difficult to track directly, but anecdotal feedback and analysis of URLs from Symantec Hosted Services' Web Security Service both suggest that social networking sites are triggering more blocks in 2010 for malicious content than they did in 2009.

"On average in 2009, one in 451 Web Security Service blocks related to a social networking site. However, in 2010, this number rose to one in just 301," Tan said.

For the complete Symantec review of their current threat environment predictions, click here.

Subscribe to the Security Watch Newsletter

Comments