Internet attacks against home desktop computer users, using various web applications as camouflage, are on the rise and propagating at a slower rate. 'Attackers see end-users as the weakest link in the security chain and are constantly targeting them in an effort to profit,' said Arthur Wong, a senior vice-president at anti-virus software maker Symantec's security response and managed services business unit. Home computer users, including novice broadband internet subscribers, are the most highly targeted sector, accounting for 86 per cent of all attacks in the first six months this year, he said. They are an attractive target as they are less likely to have established security in place. Web browsers, e-mail and desktop programs such as spreadsheet and word processing software were the prominent targets of security research and attack activities in the first half of the year, Symantec's latest Internet Security Threat Report shows. The attacks are carried out over typically unfiltered network ports. These cannot be blocked by traditional perimeter security such as firewalls. Vulnerabilities affecting web applications accounted for 69 per cent of the network weaknesses documented by Symantec in the first half. There were 2,249 new vulnerabilities, up 18 per cent over the second half last year. Symantec documented 47 vulnerabilities that affected the Mozilla browser family in the six months, 38 in Microsoft's Internet Explorer and 12 in Apple Computer's Safari. Internet Explorer was the most frequently targeted web browser, accounting for 47 per cent of the attacking computers tracked by Symantec, given that it is the most widely adopted browser by enterprises and home users. Successful attacks targeting web browsers typically allow an attacker to gain the privilege of the user currently logged into the computer. That enables the attacker to escape detection and remain on the host systems unnoticed for long periods to steal information or launch attacks against other computers.
