Folks in charge of protecting IT security will often vent that they’re fighting a losing battle. But when a company that sells security products makes that statement, it means a lot.
In a recent mid-year report, Symantec warned that there are too many threats for security software to keep up. In 2009, Symantec created 2,895,802 new virus signatures — that was a 71% increase compared to the amount of new malware that appeared in 2008 (which in turn was a 139% of what was identified in 2007).
The number of new threats is on pace to rise significantly again: In the first half of this year, Symantec created 1.8 million new malicious code signatures. So far, 124 million distinct new malicious programs have been discovered in this year alone.
Bottom line: Antivirus software can’t do enough to keep up with emerging threats. Other recent studies have offered the same warning.
What can be done? More user training, for one thing. Symantec also warns that more and more hackers are using social engineering tactics — i.e., going straight for end users to trick them into turning over passwords and other data — to steal sensitive information.
For example, almost one out of every 476 e-mails sent contains some type of phishing attack, according to Symantec.
Some other hacking trends that Symantec recommends warning users about:
- Phony antivirus programs that users are tricked into buying through pop-ups on compromised websites
- Scams and viruses hidden in third-party social networking apps
- The use of URL shortening services to hide malicious links on social networking sites
- More malware that attacks mobile devices
- Big increases in spam, and
- Spam and phishing attacks sent using instant messaging software.