Attacks on Windows PC's Grew in First Half of 2004
By JOHN MARKOFF
SAN FRANCISCO, Sept. 19 - A survey of Internet vulnerabilities to be
released Monday shows a sharp jump in attacks on Windows-based personal
computers during the first six months of 2004, along with a marked
increase in commercially motivated threats.

The Internet Security Threat Report says that from Jan. 1 to June 30
there were at least 1,237 newly discovered software vulnerabilities, or
flaws that could compromise security. That translates into an average
of 48 new vulnerabilities a week.

The survey, done twice a year, is based on monitoring by Symantec,
which publishes software made to protect computers from Internet
attacks. Trends in the report mirror findings by recent
government-supported research.

The survey warns about a significant increase in the number of "bot,"
or robot, networks, which are arrays of interconnected personal
computers that have been compromised to inject large volumes of
viruses, worms, spyware or spam into the Internet. Over the first six
months, the number of monitored bot networks rose to more than 30,000,
from fewer than 2,000.

This represents the expansion of a black market economy in which the
creators of the bot networks sell access to them to commercial spammers
and others who wish to send information anonymously, according to the
survey.

"The authors are changing their methods," said Alfred Huger, senior
director of engineering for security response at Symantec. "We saw a
dramatic increase in electronic commerce attacks."

Whereas in the past, attackers' motivation has most frequently been
ascribed to grandstanding, it now appears that motives are increasingly
financial, according to the survey.

Electronic commerce was the industry sought out most often, accounting
for nearly 16 percent of all attacks, according to the survey. This was
a significant increase from the 4 percent reported during the previous
six months and suggests a shift to so-called phishing scams that are
designed to steal confidential information and pass it along to
attackers, according to the authors of the report.

Another trend seems to be a growing sophistication in malicious
software, Mr. Huger said. "We're seeing a professional hand in
development that was pretty startling in terms of malicious code."

The networks of bot computers vary greatly in size, he said. The
average size was about 2,000 captured machines, known as zombies. But
the researchers found one network of more than 400,000 such machines.

Many of the networks consist of home computers connected to broadband
cable or DSL networks, but the survey established that 50 percent of
the attacks came from captured computers with Internet addresses
controlled by Fortune 500 companies.

The survey also documented more than 4,496 new Windows viruses and
worms during the most recent period, which is four and a half times the
number from the corresponding period of 2003. In January 2001, when the
survey first began, it identified only 308 malicious programs. As of
June 30, the total number of documented threats to Windows software has
exceeded 10,000.

The current report was based on data collected before the recent
software update that Microsoft is releasing for Windows XP, known as
SP2. The software update should help combat Internet vulnerabilities,
according to Mr. Huger.