According to the company’s Internet Security Threat Report for the first half of 2004, malicious hackers are getting faster at crafting attacks based on the latest vulnerabilities, and controlled networks of compromised machines are getting bigger.
The company said yesterday that it was seeing an average of 30,000 bots – PCs compromised by attackers that can act in unison on future attacks – per day, up from 2,000 in the previous report. The peak was 75,000 in one day.
Symantec also said that the average time between details of a vulnerability being published and a functional exploit being created narrowed from seven days to 5.8 days during the first half of the year.
The quarter had malware attacks such as Witty, which had a vulnerability-to-exploit of less than two days, and Download.Ject, which was exploited before Microsoft published the vulnerability details or a patch.
Symantec’s next report, due in six months, should make interesting reading, as it may be able to indicate whether the launch of Windows XP Service Pack 2, with its security enhancements, has made an impact on security globally.
It will also be the first Symantec report to include data from Brightmail, the spam filtering firm with one of the largest insights into email activity, which could shed light onto the correlation between spam, phishing, worms and botnets.