Cyber attacks are being unleashed more quickly than ever
before, and the number of software vulnerabilities discovered has
risen by 12% to more than 1,400 in the past six months, according
to the latest Symantec Internet Security Threat
Report.
The survey of 20,000 organisations in more than 180 countries
found that users reported an average of 38 attacks a week – up by
19% in six months.
The time between the discovery of a vulnerability and a virus
outbreak exploiting it has shortened significantly, putting extra
pressure on IT departments, according to the report.
At its peak, the Blaster worm infected 2,500 computers an hour
and struck just 26 days after the vulnerability it exploited was
disclosed, said Richard Archdeacon, Symantec’s technical services
director. “This means patch management is absolutely critical to
the survival of a business,” he added.
Symantec said it was aware of 8,000 vulnerabilities affecting
4,000 different products, and its report highlighted the growing
menace of blended threats, which use a combination of malicious
code and system vulnerabilities to launch an attack.
An example of this was Slammer, which disrupted systems around
the world in just a few hours. Its speed of propagation, combined
with poor configuration management on many corporate sites, enabled
it to spread quickly and cause outages.
The report also highlighted the growing threat of attacks such
as Bugbear, which tried to extract data, and the dangers posed by
unprotected instant messaging and peer-to-peer applications.