Security vendor Symantec last week released volume 13 of its Internet Security Threat Report, a summary of the threat landscape it sends out to customers and partners every six months.
The threats are moving away from large, multipurpose attacks on network perimeters and are now smaller, more focused on client terminals. It says that the threat landscape is also likely to be dominated by bot networks, customizable modular malicious code and attacks on Web applications and browsers. Identity theft, extortion and fraud, all attempts at profit, are increasingly the prime motivator.
There are two significant trends, particularly when seen as an opportunity for a partner to earn service revenues is the increase in bot activity. In the first six months of 2005, the report cited, 10,352 bots per day were identified. This was up from less than 5,000 in the six months till December 2004. It was believed that this increase was driving a corresponding increase in denial of service attacks (up by nearly 700 percent in six months), which in turn have been associated with extortion attempts. And some people have even known to be willing to pay for taking control of compromised networks.
The second was the fact that the time between disclosure of a vulnerability and the release of an associated exploit was 6 days while it took a further 48 days to release an associated patch not much improvement from previous periods of study!
A majority of such attacks are also known to originate from the country where the network is hosted side effects of higher PC and Internet penetration. The local opportunity is further reinforced by the fact that India ranks 9 in attacks in the telecom vertical and 10 in manufacturing. And a huge majority of customers in manufacturing are SMEs.
The opportunity lies in the fact that these and other security related issues like vulnerability assessment, policy compliance and anti-spam cannot be cured by technology alone but needs multi-pronged action too. Not just implementation but also audit and management of security patches, inventory and backup of data.
So why are only a mere 25-odd systems integrators involved in actually providing security solutions, with investments in trained engineers and other resources?