Some of the headline statistics they have uncovered in their full report, which is available to download free online, show that there are at least 6 million computers worldwide infected with a ‘bot’ and connected to underground networks comprising of hundreds of thousands of machines each, a massive 29% increase over the previous period.

They also discovered that Trojans constituted 45% of the top 50 malicious code samples, representing a 23 percent increase over the first six months of 2006, that they found 12 zero-day vulnerabilities during the second half of 2006, marking a significant increase from the one zero-day vulnerability documented in the first half of 2006, increasing the exposure of consumers and businesses to unknown threats. 

Other findings include underground online databases used by criminals to “sell stolen information, including government-issued identity numbers, credit cards, bank cards and personal identification numbers (PINs), user accounts, and e-mail address lists”.
 
Data theft through USB devices accounted for 54% of all identity theft-related data breaches.

Symantec also identified, for the first time, the countries with the highest amount of malicious activity originating from their networks.  They tell us that “The United States had the highest proportion of overall malicious activity, with 31 percent; China was second, with 10 percent; and Germany was third, with 7 percent”, with many more countries ranked in the report. 

Symantec also recorded an average of 5,213 denial of service (DoS) attacks per day, down from 6,110 in the first half of the year. The United States was the target of most DoS attacks accounting for 52% of the worldwide total, with Microsoft Internet Explorer targeted by 77% of all attacks specifically targeting Web browsers.

Worryingly for home users, they were “the most highly targeted sector, accounting for 93 percent of all targeted attacks”.

The rest of the report is well worth reading for those interested in the state of Internet security, as it contains much more detailed information than we can include in this article. However, we were able to discuss the results with David Sykes, Vice President Pacific of Symantec.

In the interview, he went over some of the figures covered above and explained the report’s findings. Sykes said that the report was tracking a range of areas for the first time. One of those involved tracking of origins of malicious code, which involved a lot of statistical slicing and dicing to watch the trends and see how the threats are evolving almost in real time, and how they closely followed the proliferation of broadband in different countries around the world, with the US being the world’s No.1 malicious code centre.

Sykes said that there is a lot of “trade in stolen and confidential info” which they are also tracking for the first time. Online criminals are using underground servers where people are buying and sell personal information, some of which can be used to steal identities, with this area under heavy scrutiny to gauge the level of activity.

So, what else did Sykes say? There is plenty more, including a couple of interesting questions that we posed to Sykes, so please read onto the next page for the conclusion...