Hackers Changing Their Strategies
Monday, March 28, 2005
Report: What to Watch Out For Now
by Chris Conrath
Phishing has come of age, Web application vulnerabilities are still a serious threat and viruses are a continual and growing network annoyance. These are just a few findings of the semi-annual Symantec Corp. Internet Security Threat Report released today. It covers the period of July 1 to December 31, 2004.
During the documented period the volume of phishing messages (e-mails designed to get individuals to log on to a fake version of a legitimate corporate site and enter their user name and password) grew substantially. Symantec's own Brightmail anti-spam technology filtered an average of 4.5 million such messages a day at the end of the year, versus one million a day in July 2004.
"Attackers are always looking for the path of least resistance…with maximum benefit," said the report's executive editor Dean Turner, in Calgary. "Phishers use [e-mail] because it is an excellent medium."
What concerns Symantec is the increasing sophistication and focus of hackers who seek to achieve financial gains (rather than infamy) from their activities. According to the experts, this leads hackers to practice identity theft or to gain access to information that can be sold, such as accounts at financial institutions.
Also of note was the increase in viruses and worms during 2004. For instance, in the last six months of the year there were 7,360 new viruses and worms, as opposed to 4,496 documented cases in the first six months. In total, there were 11,856 cases in 2004 — a huge increase over the previous two years, which had fewer than 4,000 combined cases.
If there is a silver lining in the numbers, it is that there seems to be less innovation lately, with fewer new viruses and worms being generated. (New versions in the second half of 2004 tended to be reworks of a particular known virus.) Also, the six-month period did not see the release of a major worm of the Slammer or Code Red variety.
Another area of concern for Symantec was the increase in the number of Web application vulnerabilities. Though the increase was not as dramatic as for viruses and worms, it still was substantial, almost doubling from the previous year’s same six-month period (from 369 to 670). Since Web apps allow users to bypass many firewall setups, the security ramifications of these vulnerabilities are substantial, Turner said. In addition, the number of vulnerabilities is potentially much higher than reported because many custom applications were not covered in the report.
Internet browsers also took a hit in the last six months of 2004. While none had more than four documented vulnerabilities in the first half of 2004, all (save Apple Safari, which had none) had more than five in the latter half of the year. The big losers were Microsoft Corp.’s Internet Explorer with 13 and Mozilla’s browsers with 21.
The data was gathered from more than 20,000 network-monitoring sensors in over 180 countries. Malicious code, spyware and adware data was gathered from more than 120 million client, server and gateway systems.