SYMANTEC ENTERPRISE SECURITY
Symantec Internet Security Threat Report
Trends for January–June 07
Volume XII, Published September 2007
Executive Summary
The Symantec Internet Security Threat Report provides a six-month update of worldwide Internet threat
activity. It includes analysis of network-based attacks, a review of known vulnerabilities, and highlights
of malicious code. It will also assess trends in phishing and spam activity. This summary of the Internet
Security Threat Report will alert readers to current trends and impending threats. It will also offer
recommendations for protection against and mitigation of these concerns. This volume covers the
six-month period from January 1 to June 30, 2007.
Symantec has established some of the most comprehensive sources of Internet threat data in the world.
The Symantec™ Global Intelligence Network tracks attack activity across the entire Internet. It consists
of over 40,000 sensors monitoring network activity in over 180 countries. As well, Symantec gathers
malicious code reports from over 120 million client, server, and gateway systems that have deployed
Symantec’s antivirus products.
Symantec operates one of the most popular forums for the disclosure and discussion of vulnerabilities
on the Internet, the BugTraq™ mailing list, which has approximately 50,000 direct subscribers who
contribute, receive, and discuss vulnerability research on a daily basis.1 Symantec also maintains
one of the world’s most comprehensive vulnerability databases, currently consisting of over 22,000
vulnerabilities (spanning more than a decade) affecting more than 50,000 technologies from over 8,000
vendors. The following discussion of vulnerability trends is based on a thorough analysis of that data.
1 The BugTraq mailing list is hosted by SecurityFocus (http://www.securityfocus.com). Archives are available at http://www.securityfocus.com/archive/1
Dean Turner
Executive Editor
Symantec Security Response
Stephen Entwisle
Senior Editor
Symantec Security Response
Eric Joh