Cyber attacks are being unleashed more quickly than ever before, and the number of software vulnerabilities discovered has risen by 12% to more than 1,400 in the past six months, according to the latest Symantec Internet Security Threat Report.
The survey of 20,000 organisations in more than 180 countries found that users reported an average of 38 attacks a week – up by 19% in six months.
The time between the discovery of a vulnerability and a virus outbreak exploiting it has shortened significantly, putting extra pressure on IT departments, according to the report.
At its peak, the Blaster worm infected 2,500 computers an hour and struck just 26 days after the vulnerability it exploited was disclosed, said Richard Archdeacon, Symantec’s technical services director. “This means patch management is absolutely critical to the survival of a business,” he added.
Symantec said it was aware of 8,000 vulnerabilities affecting 4,000 different products, and its report highlighted the growing menace of blended threats, which use a combination of malicious code and system vulnerabilities to launch an attack.
An example of this was Slammer, which disrupted systems around the world in just a few hours. Its speed of propagation, combined with poor configuration management on many corporate sites, enabled it to spread quickly and cause outages.
The report also highlighted the growing threat of attacks such as Bugbear, which tried to extract data, and the dangers posed by unprotected instant messaging and peer-to-peer applications.