Latest Stories

By BOB MIMS
Sunday, October 22, 2006
Your home is not your sanctuary. Internet security experts say that when it comes to protecting your digital information, the "worm" has definitely turned.

In its biannual Internet Security Threat Report, Symantec warns that worms, or self-replicating computer viruses, have become more focused on small-scale attacks aimed at fraud, data theft and criminal activity than the mammoth, shotgunlike designs of the past.

"The days of Web site defacements and low-level information-gathering attacks are behind us," Executive Director Dean Turner wrote in the study's introduction. "As threats have evolved, so, too, has the job of tracking and reporting on them."

For the study period of January through June, the Cupertino, Calif.-based Internet watchdog and anti-virus software maker said 69 percent of newly identified threats targeted Web applications.

Kelly Martin, Symantec's group product manager, said computer security experts also are alarmed to see hackers using hybrid attacks to breach protection programs.

"These are much more targeted attacks that are changing the threat landscape _ combinations of technologies, like worms coming in with spywarelike behavior that propagate and get onto a system in a silent way," she said.

The report also noted that more than 157,000 examples of "phishing," or bogus e-mails and Web sites set up to steal personal data, were identified _ an 81 percent increase over the second half of 2005. Unsolicited e-mail rose 50 percent.

Yankee Group analyst Jonathan Singer especially was concerned with those data.

"They have collected a lot of good data in this report that supports all the assumptions being made in the past: that individual home users are being targeted more than ever. Those people need to come up with some kind of fraud-prevention strategy."

Where security barriers are tough, hackers also are returning to "social engineering," or techniques for tricking the unwitting into providing access information.

Finally, Symantec notes the shrinkage of time between revelation of an operating system or application security flaw and hackers' attacks aimed at exploiting them.

As a result, the "window of exposure" for networks and individual computer users is open wider than ever before, Martin said.

The study, citing data collected from more than 40,000 security devices worldwide, noted Microsoft's Internet Explorer program as the most vulnerable, with an exposure window of nine days. Apple's Safari averaged five days, Opera was two days, and Mozilla was most secure, at one day of vulnerability to hackers.

"Home users have become the weakest link and are now the most targeted," Symantec's Martin said, stressing the need to quickly install upgrades to operating systems and Web applications as they appear.

Use of a firewall and virus-scanning suite covering inbound and outbound traffic are recommended.

(E-mail Bob Mims at bmims(at)sltrib.com.)

Taxing Times

Paying taxes unites us. It also divides us. People can pay five and even six times more in state and local taxes than other folks in similar circumstances making similar incomes.

Taxes unify Americans, but rates vary by state

Identity Theft

Who's got your number?

In one of the fastest-growing forms of identity theft, crooks are stealing tax refunds by swiping personal information and using it to trick the Internal Revenue Service.

Lawmaker offers anti-ID theft law to foil crooks who profit off dead children