Kevin Isaac

'Typically the Middle East IT scene runs about two years behind the US, and that is true in security as well,' says Regional Director Kevin Isaac. 'The Government bodies are very active but in the Small and Medium Enterprises space investment in security is lacking.'

Not that local firms have any reason to relax. This week Symantec released its latest Internet Security Threat Report. The sixth bi-annual report provides analysis and discussion of trends in Internet attacks, vulnerabilities, and malicious code activity for the first half of 2004.

It shows that the Middle East leads the world as the source of Internet threats per capita, although the USA is once again the source of the most attacks by volume, with 37% of the global attacks originating from its shores. When the attack per capita rates are examined, Egypt is sixth, Turkey seventh, Kuwait fifteenth and Oman seventeenth.

'There are a number of things which explain these findings,' said Mr. Isaac. 'Many countries have adopted broadband and abandoned monopolistic practices in the telecom sector, bringing cheaper and faster Internet connectivity to homes and offices across the region.

'This is undoubtedly a benefit, but if these new users are not aware of the security risks that the Internet can pose then they can become the targets of criminals looking to set up bot networks. A bot network is a collection of machines invisibly infected by Trojans, which are remotely controlled to issue viruses or Internet threats in to the wild.

'Simple measures can clear Trojans from a user's machine, such as a free virus scan available on the internet or a comprehensive firewall and anti-virus solution, banishing the Trojan and therefore disabling the criminals from remotely controlling their computer.'

He notes that the increasing penetration of the Internet has also triggered the interest of youths across the region, a factor that may explain attacks from places like Egypt and Turkey.

This latest Internet Security Threat Report also demonstrates that exploits are being created more easily and faster than ever, while attackers are launching more sophisticated attacks for financial gains. Software vulnerabilities and targeted attacks remain a primary area of concern for organizations and individuals.

'By publishing a comprehensive and accurate update on Internet threat activity, Symantec is providing the information security community the information needed to effectively secure systems now and in the future,' added Mr. Isaac.

In the latest report, e-Commerce was the single most targeted industry, with nearly 16 percent of attacks against it. This represents a four-fold increase from the four percent reported during the previous six months.

'This rise may indicate a shift from attacks motivated by notoriety to attacks motivated by economic gain,' said Mr. Isaac. 'This possibility is further illustrated by an increase in phishing scams and spyware designed to steal confidential information and pass it along to attackers.'

Anyone who has received emails requesting bank account details recently will know what phishing is about. In this kind of email scam the fraudster wants to obtain bank account details by deceptions which can be quite elaborate and very realistic.

However, Mr. Isaacs is only too aware than even the finest software will not protect against such scams in many cases which prey on the vulnerability of people to conmen. However, for many other security attacks good security software is a must have, that explains why Symantec has 120 million customers around the world and a rising number in the Middle East.