Two reports are out this week on the State of the Union security-wise, and, as you might have expected, there is some divergence in the conclusions. They’re also complementary in a way, and the pair gives a clearer picture of the security battlefield.
Symantec Corp. took the wraps off its twice-yearly Internet Security Threat Report at 12:01 a.m. Monday. IBM Internet Security Systems chipped in with its two cents later in the day.
There are some things on which the two reports agree: first and foremost, that the black hats are becoming more professional and profit-oriented. “There’s money to be made in the attacks today,” Michael Murphy, GM of Symantec Canada, told journalists and analysts at an embargoed briefing on Friday.
There’s also a growing element of commercialization of the malware market. “The majority of attacks today are generated by tool kits you can buy,” Murphy said. MPack, for example, is a $1,200 phishing tool kit which compromises legitimate Web sites and redirects traffic to an MPack Server, which downloads a “small, modular threat” to the user’s system.
Further to the commercialization point, IBM Internet Security Systems’ X-Force R&D team points to a burgeoning “exploits as a service” industry (and coins the rather innocuous title of “managed exploit provider”). And the MEPs have added a leasing element, allowing malware perps to test exploits for less upfront – a sort of “try before you buy” arrangement.
The two agree that Trojans are the predominant Internet threat this year. Worms and viruses are pass