Browser-based attacks such as “pharming” and “phishing” scams are now the
fastest-growing security threat on the Internet, according to a study by a
technology trade organization.
As the threat to IT operations from viruses and worms continued to drop
this year, browser-based attacks steadily rose, according to the third annual report on IT security by the Computing
Technology Industry Association (CompTIA).
The survey of nearly 500 organizations found that 56.6 percent had been
the victim of a browser-based attack, up from 36.8 percent a year ago and 25 percent two years ago, CompTIA said.
Although viruses and worms were still the biggest security threat facing
IT departments, their numbers have fallen off slightly. Nearly two-thirds of
organizations polled said they had suffered either or both types of attacks
in the past , down 2 percent from the previous year’s 68.6 percent.
“Though security software has become increasingly more advanced in its
ability to detect threats to networks, applications and operating systems,
hackers are sophisticated enough to reverse-engineer patches and launch
counter-offensives to vulnerable systems within 48 hours,” Brian McCarthy,
chief operating officer, CompTIA, said in a statement.
A year ago, 18 percent of organizations said they had become victims of
phishing. This year the figure has grown to 25 percent, CompTIA said.
Although the number of browser attacks grew the most, worms and viruses remain destructive. In 2004, for example, the Sasser worm
infected more than 500,000 computers.
The study found new and increased security threats to wireless and
portable technologies.
“IT security administrators must be continually educated on new threats
and solutions to keep pace with the dynamic landscape,” McCarthy said.