Cyber attackers now focussing on regional targets

While most of the cyber attacks in the past were designed to destroy the data, the future attacks are going to be more deadly since the users won't have an idea of its presence even though it will steal valuable data silently.

According to the half-yearly (1 July to 31 December, 2005) Internet security report released on Thursday by anti-virus firm Symantec, there will be a rise in the malicious code threats, which can reveal confidential information of organisations and enterprises.

According to the report, malicious code threats that could reveal code threats that could reveal confidential information rose from 74 per cent of the top 50 malicious code samples during previous reporting period to 80 per cent now.

The biennial report has found a surge in new attack methods like bots, (networks of computers that are exploited by spammers and hackers to forward junk e-mail and viruses without the knowledge of PC user) bot networks and customisable or malicious modular code.

"This results in the denial of services and particularly, the customers of banks face a lot of difficulties while depositing their credit card bill towards the last date of submission. This results in the loss of credibility of the bank and affects customers' reliability on the particular bank," he added.

The report found that although bot network activities had seen a marginal decrease, but these were being increasingly used for criminal activities like denial of service (DoS)-based extortion attempts.

Symantec has observed 1,402 DoS attacks per day, which is an increase of 51 per cent over the previous reporting period. It has cautioned that the growth will continue as the attackers leverage an increasing number of web-based application and browser vulnerabilities.

The reported period has also seen the vulnerabilities of the web application, though it has seen a decrease of 15 per cent over the previous period.

"Web application technologies, which rely on a browser for their user interface, present an easier target for attackers due to their availability over commonly allowed protocols such as HTTP," the report said.

The Symantec report has also found an upsurge in the phising, spam and adware/spyware-related activities.

According to Dhupar, phising, which deceives users into revealing confidential information, has continued to increase during the last half of 2005 and is focussing more on smaller and regional targets.

The report has found 7.92 million of phising attempts per day and Symantec believed that the number of phising messages and malicious code distributed through instant messaging services will rise in future.