Where is the hole? It goes without saying that severe situations are dealt with on a war footing, whereas medium- and low-severity vulnerabilities are taken for granted. What if the severity is lower but the destruction is widespread? Here lies the hole.
Users often make patching high-severity vulnerabilities a top priority, while medium- and low-severity vulnerabilities may be ignored. This could leave more computers exposed to these vulnerabilities for longer periods.
For example, of the 12,885 site-specific cross-site scripting vulnerabilities identified by Symantec in 2008, only 394 (around three per cent) are known to be fixed.
Medium severity vulnerabilities affecting client or desktop applications are often sufficient for an attacker to mount successful malicious attacks on individual end users as well as at the enterprise level.
Broadband and cybercriminals
Symantec expects malicious activity to be pushed to regions with emerging Internet infrastructures. Emerging economies are today on the lookout for means to push broadband penetration. However, broadband is going to be a crucial factor and will bring both connectivity gains and malicious activity if not dealt with properly.
Malicious activity usually affects computers that are connected to high-speed broadband Internet because these connections are attractive targets for attackers. Broadband connections provide larger bandwidth capacities than other connection types, faster speeds, the potential of constantly connected systems, and typically more stable connections.
Such connections appeal to attackers as potential bases for hosting phishing websites, spam relays, and other malicious content. No wonder the developed nations – China, USA and Germany – are at the top of the list of spam generators.
What do the attackers seek?
The report finds that, more than ever before, attackers are today concentrating on compromising end users for financial gain. In 2008, 78 per cent of confidential information was compromised for user data, and 76 per cent used a keystroke-logging component to steal information such as online banking account credentials.
Additionally, 76 per cent of phishing lures targeted brands in the financial services sector and this sector also had the most identities exposed due to data breaches. Similarly, 12 per cent of all data breaches that occurred in 2008 exposed credit card information.
This is likely due to the fact that there are numerous ways for credit card information to be stolen, and that stolen card data can be easily cashed out. This is because the underground economy has a well-established infrastructure for monetizing such information and specializes in manufacturing blank plastic cards with magnetic stripes destined to be encoded with stolen credit card and bankcard data.
Symantec expects that overt attack activities would either be abandoned or pushed further underground; i.e., if the effort to set up malicious ISPs outweighs the return for attackers before they are taken offline, it is likely that attackers would abandon this approach for other attack vectors in order to continue to evade detection and potential apprehension or prosecution.
Conclusion
Changes in the current threat landscape - such as the increasing complexity and sophistication of attacks, the evolution of attackers and attack patterns - are calling for a trend which, if not dealt with promptly, would jeopardize the emerging world's security concerns. With the increasing adaptability of malicious code developers and their ability to evade detection, it has become all the more important for the emerging economies to be on their toes, since they lack the resources to combat the growing involvement of organized crime in the online underground economy.