Access keys | Skip to primary navigation | Skip to secondary navigation | Skip to content | Skip to page tools | Skip to footer |
Problems viewing this site
Feature News and Research title Feature News and Research image top
CITEC feature news Feature News and Research image bottom

Future IT security threats lie in more focussed attacks

24 October 2005

CITEC’s partner in the provision of IT security-related services, Symantec, has issued a dire warning about future IT security threats, noting that those perpetrating security breaches are moving away from large multi-purpose attacks on network perimeters towards more focussed attacks on client-side targets.

The warning comes in Symantec’s latest Internet Security Report, which covers security trends for January 2005 to June 2005.

According to the report, the new threat landscape is likely to be dominated by emerging threats such as bot networks (networks of compromised computers that can be remotely controlled by an attacker), customisable modular malicious code, and targeted attacks on web applications and web browsers.

“Whereas traditional attack activity has been motivated by curiosity and a desire to show off technical virtuosity, many current threats are motivated by profit. They often attempt to perpetrate criminal acts, such as identity theft, extortion, and fraud,” the report says.

The Future Watch section of the report highlights a number of areas for IT security administrators to watch.

Modular malicious code

Symantec says it has observed during the past 18 months an increase in the deployment of modular malicious code such as worms, viruses and Trojans. Although this code has limited functionality, once installed on a computer it downloads other modules of malicious code with different functionalities, further compromising the infected computer.

According to the report, attackers can easily modify extant malicious code into new variants in order to bypass anti-virus detection signatures or to add new functionality.

“As a result, security administrators may have to deploy stricter access rules and limit sites that host machines are able to connect to,” recommends Symantec.

Increase in bot networks

Symantec has determined a strong correlation between the number of bot computers and the number of denial of service (DoS) attacks. During the first six months of 2005, the number of DoS attacks increased by more than 680 per cent compared with the last six months of 2004.

In the report, Symantec predicts there will be a more coordinated community of bot network computers carrying out more sophisticated and targeted attacks.

“This may include the use of bot networks as a method of seeding compromised networks with other types of malicious code, which could be used for spam, phishing, and theft of confidential information,” the report says.

Wireless security threats

Symantec says the growth of wireless local area networks (WLAN) is matched by an increase in the number of concerns posed by insecure wireless access points.

“In some cases, attackers will impersonate the wireless access point itself in order to capture sensitive or useful information from machines attempting to connect to it.”

According to the report, enterprises using wireless networks are particularly at risk.

“Attackers can gain access to these networks by bypassing the traditional perimeter security measures, such as IDS systems and firewalls, which are normally in place on wired networks.”

VoIP threats

With its ability to carry voice and data over the same network, Voice over Internet Protocol (VoIP) is growing at a rapid rate as an alternative to traditional analogue phone systems. The report predicts the number of Skype (peer to peer voice service) VoIP users will grow to 160 million by the end of this year.

According to the report, VoIP is subject to a wide range of threats, including:

  • attempts to discover legitimate IP phone addresses through directory harvesting;
  • clogging voicemail systems with voice spam sent as audio files, and;
  • voice phishing, in which voicemails urge users to return calls and leave personal financial information.

How CITEC can help

CITEC provides comprehensive security solutions to protect business data and networks. Our solutions combine industry leading technology with the extensive experience of in-house staff and partners to deliver defence-in-depth security solutions.

We offer a complete lifecycle approach from audit, design and procurement, to integration, management and reporting, providing a security solution that meets your business IT security needs in the most cost effective manner.

For more information about our security solutions, please contact CITEC Product Manager, Greg Smith on +61 7 3222 2566.

About Symantec

Symantec is the world leader in providing solutions to help individuals and enterprises assure the security, availability, and integrity of their information. Headquartered in Cupertino, Calif., Symantec has operations in more than 40 countries. More information is available at www.symantec.com.

minor dividing line

Read more CITEC feature news

grey line

CITEC RSS feedCITEC feed available.

Read more about RSS at CITEC. Not sure what is RSS?
Related links

» CITEC at a glance

Ask a CITEC analyst