Severe viruses down, P2P and IM attacks up

Security firm Symantec, which published its bi-annual Internet Threat Report on Wednesday, has found that the number of attacks over instant messaging and P2P systems quadrupled between January and June 2003.

The company uses thousands of sensors on the internet to analyse network activity and identify global trends. According to the report, the number of viruses and worms targeting Win32 systems more than doubled, but surprisingly, severe attacks actually halved compared to the same period last year.

Richard Archdeacon, Symantec's technical services director, said virus writers are exploiting vulnerabilities much faster than ever before. "The recent Blaster worm hit just 26 days after the vulnerability was first announced. Patch management is absolutely critical to the survival of a business," he said.

The report criticised Microsoft's Internet Explorer, calling it a "serious danger" because of security lapses. Several vulnerabilities allow attackers to compromise client systems through web pages containing embedded malicious code, while others can enable easy and almost undetectable installation of spyware, which could allow attackers to extract confidential data, the report said.

Microsoft IIS web server was also picked out because it has been vulnerable to previous attacks such as Code Red and Nimda. Symantec expects the web server to be targeted again by a "highly destructive malicious-code attack".

According to Symantec's figures, the average large organisation experiences almost 40 attacks every week, which is an annual increase of around 12 percent. Overall malicious activity rose by 19 per cent.

Munir Kotadia writes for ZDNet UK