Internet Security Threat Report: Mid-Term Report
Attack Toolkits and Malicious Websites
Launching widespread attacks on networked computers used to be a task reserved for a rare few hackers – those with an extensive knowledge of programming. This is no longer the case. The advent of attack toolkits has lowered the bar significantly, opening the doors for anyone with a basic understanding of networking and computers to produce threats that exploit vulnerabilities.
These toolkits are used to enable the theft of sensitive information or to convert compromised computers into a network of botnets in order to mount additional attacks. They are advertised and sold in the online underground economy. Symantec believes that attack kits play a significant role in the continuing evolution of cybercrime into a self-sustaining, profitable, and increasingly organised economic model worth millions of dollars.
This report provides an in-depth look at the evolution of attack kits, their features and how hackers use them to lure in victims, especially online. The report also provides mitigation techniques to help protect your organisation from the sophisticated attacks created by these toolkits.
Additional Resources
Solutions
With Symantec Enterprise Security solutions, you can standardise processes across physical and virtual platforms and endpoints, and secure and manage your organisation’s information — against more risks, at more points, with unparalleled efficiency, visibility, and effectiveness.
Protect Your Infrastructure
Are you completely protected against external threats? Many IT organisations do not have sufficient protection across their network, endpoints and storage systems. Even further, it is difficult to gain visibility and centrally manage security incidents across those solutions. Today’s threat landscape requires Enterprises to have central management, coupled with external threat intelligence to protect their infrastructure.- Endpoint Security: Comprehensive security for all your endpoints.
- Messaging Security: Inbound and outbound message protection.
- Web Security: Inbound and outbound Web traffic protection.
Protect Your Information
Do you know where your confidential information resides? Very few organisations have visibility into where their information is stored and how it is being used. Organised criminals are aware of this challenge and target companies with poorly protected information assets which make it critical for Enterprises to ensure confidential information is protected and used according to policy.- Data Loss Prevention: Comprehensive confidential data protection.
Develop & Enforce IT Policies
How do you enforce IT policies? Once an intruder has gained access to your corporate network, it is relatively easy for them to locate critical business assets, and exfiltrate them from your environment. To protect your information and your business, enforcing strong IT policies around network access and access to information are essential.- IT Compliance: Automate key IT compliance processes.
Manage Systems
Are your security patches up-to-date? Patch management while traditionally a systems management issue, has a very strong impact on the security posture of a company. It is becoming increasingly difficult to maintain patches and appropriately prioritising the ones that have security implications. Organisations are looking to improve IT process efficiencies to react quickly even in the event of an attack.- Security Management: Protect business interactions, information and IT infrastructure.
- Endpoint Management: Reduce IT costs and complexities while improving efficiencies.
- IT Service Management: Comprehensive IT asset lifecycle management.
- Endpoint Virtualization: Manage and protect your endpoint environments.
Products
Symantec Enterprise Security Solutions enable our customers to secure and manage infrastructure and information against a growing array of increasingly sophisticated threats. Each of our security solutions are award winning and the preferred choice amongst the world’s largest, and most data driven enterprises.
Data Loss Prevention Family
Comprehensive coverage of confidential data across endpoint, network, and storage systems. By measurably reducing risk, you renew confidence to demonstrate compliance while protecting customers, brand, and intellectual property.
Protection Suite Enterprise Edition
Creates a protected endpoint, messaging, and Web environment that is secure against today’s complex malware, data loss, and spam threats. Provides a single viewpoint across the enterprise to gain visibility on your overall security posture.
Protection Suite Enterprise Edition for Endpoints
Enables you to effectively manage the business risk of IT by reducing the risk profile of your most frequently targeted and attacked assets. Integrates protection solutions that increase the operational efficiency of your IT organisation.
Protection Suite Enterprise Edition for Gateway
Safeguards confidential data and employee productivity by creating a protected messaging, Web and network environment. Increase efficiency by combining industry-leading data loss prevention, messaging security, and defense against browser-based attacks.
Protection Suite Enterprise Edition for Servers
Delivers comprehensive and high performing protection where you need it. Protects against physical and virtual server downtime with policy based prevention using multiple protection technologies combined in a single cost effective protection suite.
Control Compliance Suite
A holistic, fully automated solution to manage all aspects of IT risk and compliance at lower levels of cost and complexity. Offers out-of-the-box content on multiple industry regulations and automated assessment of technical and procedural controls.
IT Management Suite
Reduces the cost and complexity of owning and managing corporate IT assets including desktops, laptops, and servers. Increases operational efficiency, and helps you make strategic decisions about your IT environment.
Comprehensive coverage of confidential data across endpoint, network, and storage systems. By measurably reducing risk, you renew confidence to demonstrate compliance while protecting customers, brand, and intellectual property.
Protection Suite Enterprise Edition
Creates a protected endpoint, messaging, and Web environment that is secure against today’s complex malware, data loss, and spam threats. Provides a single viewpoint across the enterprise to gain visibility on your overall security posture.
Protection Suite Enterprise Edition for Endpoints
Enables you to effectively manage the business risk of IT by reducing the risk profile of your most frequently targeted and attacked assets. Integrates protection solutions that increase the operational efficiency of your IT organisation.
Protection Suite Enterprise Edition for Gateway
Safeguards confidential data and employee productivity by creating a protected messaging, Web and network environment. Increase efficiency by combining industry-leading data loss prevention, messaging security, and defense against browser-based attacks.
Protection Suite Enterprise Edition for Servers
Delivers comprehensive and high performing protection where you need it. Protects against physical and virtual server downtime with policy based prevention using multiple protection technologies combined in a single cost effective protection suite.
Control Compliance Suite
A holistic, fully automated solution to manage all aspects of IT risk and compliance at lower levels of cost and complexity. Offers out-of-the-box content on multiple industry regulations and automated assessment of technical and procedural controls.
IT Management Suite
Reduces the cost and complexity of owning and managing corporate IT assets including desktops, laptops, and servers. Increases operational efficiency, and helps you make strategic decisions about your IT environment.
