Along with e-commerce activities and internet searching, the number of Internet domain registrations, which are, historically, an indicator of small-business growth, also continued a pattern of healthy expansion. Registrations of domain names for active Web sites increased by 23% for .com and 20% for .net during the first half of 2004, as compared to the same time frame in 2003, according to VeriSign's third Internet Security Intelligence Briefing.
That's the good news. The bad news is Internet scammers are getting more sophisticated and good at what they do.
According to the briefing, there was a noticeable increase in multi-vector worms in the first half of 2004. Such worms can simultaneously exploit several vulnerabilities in one attack, and have a longer shelf life than single-exploit worms. The most effective and potentially damaging example of this breed is called a "phatbot," "agobot," or "gaobot."
The briefing also notes that exploits are released much more quickly following public announcements of vulnerabilities. This underscores the need for enterprise security managers to be more vigilant in vulnerability assessment, prioritization, and remediation.
Thiry seven percent of phishing e-mails directed users to capture sites located outside the United States, with a concentration in Korea, China, Poland, Brazil, Taiwan, Singapore, Australia and Indonesia.
VeriSign found the majority of phishing attacks were launched between 9:00 p.m. and 4:00 a.m., when IT staffers are often on call or fewer in numbers.
This article was compiled and edited by CIO Update staff. Please direct any questions regarding its content to Allen Bernard, Managing Editor.