Symantec's latest Internet Security Threat report, released this week, paints a picture of an increasingly dangerous Internet. But unlike previous reports, there seems to be little in the way of good news.
In the first half of the year, one in six companies reported a serious security breach, a number that increased to one in two in the second half. August, which will go down in security folklore, had a nasty 12-day period when Blaster, Welchia, and SoBig.F infected millions of machines worldwide and caused billions of dollars' worth of damage.
The second half of the year also saw a prodigious increase in the number of Win32 viruses and worms: 1702 released in the second half versus 687 in the first.
Tony Vincent, head global security architect with Symantec, says some of the dramatic increase seen in reported security breaches could be due to just one bad month. "In the first half of the year we didn't have the big gang of three that we had in August," he says. "That was very much a new thing."
Regardless, Vincent says there is also some concern with what he calls the "shrinking time to market" (Blaster was released only 26 days after the vulnerability it exploited had become public) and the trend of virus and worm writers to simply use backdoors left by other attackers.
And while the good news was that the number of reported vulnerabilities had apparently plateaued (2,587 in 2002 versus 2,636 in 2003), the stabilisation could likely be explained by more secure software.
"Last year, we might have been at a low point in terms of the software release schedule," says Steve Poelking, a research director with IDC Canada in Toronto. The previous year's increase, when vulnerability numbers went up 81 percent, could simply have been due to an increase in application releases following the big launches of Windows 2000 and XP, he says.
But Poelking says the news from 2003 was not all bad. "Are we out of the woods? No...[but] I think the products are getting better," he says. There is also an increased vendor focus on research and development, he says.
"Part of this story is it is still [the responsibility of] companies to have good policies and procedures to deal with this issue," he says. "It isn't just a technology solution."
The statistics for the report came from Symantec Managed Security customers and 20,000 sensors located in more than 180 countries. The report covers July 1 to December 31, 2003.