X hits on this document

PDF document

Symantec enterpriSe Security - page 15 / 97

288 views

0 shares

0 downloads

0 comments

15 / 97

Symantec Global internet Security threat report

2009

2008

Range of Prices

19%

32%

$0.85–$30

19%

19%

$15–$850

7%

5%

$1–$20

7%

5%

$1.70/MB–$15/MB

6%

3%

$2–$5

5%

4%

$0.70–$20

5%

2%

$4–$150

4%

3%

$4–$10

4%

3%

$0–$600 plus 50%–60%

4%

3%

$2–$30

2009

2008

Item

1

1

Credit card information

2

2

Bank account credentials

3

3

Email accounts

4

4

Email addresses

5

9

Shell scripts

6

6

Full identities

7

13

Credit card dumps

8

7

Mailers

9

8

Cash-out services

10

12

Website administration credential

Overall Rank

Percentage

s

Table 5. Goods and Source: Symantec

services advertised on underground

economy servers

While there was a decline in credit card advertisements in 2009, it is likely that they will continue to be a significant factor in the underground economy. With the wide availability of the previously mentioned crimeware kits, it is becoming easier for neophytes to operate in the online underground economy. this will likely increase the availability of credit cards on underground economy servers.

Conclusion

As government agencies and industries in many countries increase their efforts to combat malicious code activity, that activity is increasingly shifting to emerging countries with rapidly growing internet infrastructures. Meanwhile, some emerging countries may experience an even greater influx of malicious activity due to the aforementioned increased ease of mounting attacks for neophyte cybercriminals. that said, it is critical to note that, just because attackers are relocating malicious activities such as phishing hosts, bot networks, and spam zombies to other countries, these attacks can still be directed at targets anywhere worldwide.

targeted attacks against enterprises have been occurring for some time now. However, during 2009 a large-scale targeted attack occurred that brought these types of incidents into the spotlight.30 the wide- scale reporting of this attack impelled many organizations to re-examine their security postures and mitigation strategies against zero-day vulnerabilities.31 Symantec believes it is likely that targeted attacks of this nature will continue to play a large part in the threat landscape in the near future.

Financially motivated attacks against both enterprises and individuals remain a large part of the threat landscape. the underground economy continues to flourish even while the mainstream economy begins recovering from the financial crisis. Many cybercriminals have shifted their efforts toward creating kits they can sell to new entrants in the underground economy. this enables relatively inexperienced attackers with little technical knowledge to mount attacks without too much difficulty. As these developments make it easier for more attackers to enter into the online underground economy, Symantec expects attacks against Web browsers and malicious code variants installed through these attacks to increase. this increases the importance of reputation-based security techniques and other technologies that act to catch malicious code beyond simple signature-based detection.

30 31

http://googleblog.blogspot.com/2010/01/new-approach-to-china.html http://www.informationweek.com/news/services/disaster_recovery/showArticle.jhtml?articleiD=222301351

15

Document info
Document views288
Page views288
Page last viewedFri Dec 09 14:26:59 UTC 2016
Pages97
Paragraphs2532
Words45916

Comments