 |
|
Press Release |
|
|
Internet Use Continues Steady Growth Despite Increases in Number of Security Threats
VeriSign Releases Latest Internet Security Intelligence Briefing On
Trends in Internet Usage, E-Commerce and Security Threats
MOUNTAIN VIEW, CA. – November 8, 2005 - VeriSign, Inc. (Nasdaq:
VRSN), the leading provider of intelligent infrastructure services for
the Internet and telecommunications networks, today released the latest
edition of the VeriSign® Internet Security Intelligence Briefing (ISIB).
The latest briefing presents growth trends in Internet usage, e-commerce
and security threat activity from April 1, 2005 to September 30, 2005.
The briefing also explores emerging security threats, including hidden
risks in Internet Telephony as well as spyware and adware abuse.
Salient points from the new briefing include:
Internet Usage and E-Commerce Continue Surge
Even with increasing levels in the frequency
and sophistication of Internet threats, including a near tripling of
malicious attacks in the past 12 months, Internet use continues to grow.
In Q3 2005 new registrations for .com generic top-level domain (gTLD)
increased 33 per cent, and the .net gTLD grew 24.1 per cent, year-over-year.
Additional relevant facts on Internet usage include the following:
- Over the past twelve
months, the average number of new alerts sent daily by the VeriSign®
iDefense® Security Intelligence Services team has increased from 21
to 59, largely due to the rise in malicious code such as viruses, worms,
bots and spyware.
- The total number
of active SSL certificates served by VeriSign worldwide reached new
highs, totalling 478,622 in Q3 2005.
- The number VeriSign™
Secured Seals delivered per day reached an all-time high of approximately
23.3 million per day in October 2005.
- In tracking the
growth of over 135,000 retailers over the past 4 quarters, VeriSign
observed the number of e-commerce transactions has grown 29 per cent,
with the total cash volume increasing by 41 per cent.
- On a yearly basis,
the average transaction value processed by VeriSign Payment Services
increased 9 per cent from £83 in Q3 2004 to £91 in Q3 2005.
- VeriSign servers
facilitated 1.184 trillion DNS queries during Q3 2005, unchanged from
the 1.2 trillion look-ups in Q2 2005.
Emerging Security Threats - Internet Telephony and Spyware/Adware
The latest report highlights the security implications
associated with Internet Telephony services, such as Voice over Internet
Protocol (VoIP). According to VeriSign, data traffic represents the
primary Internet Telephony security target. VoIP packets lack clearly
recognised signatures, making it difficult for IT administrators to
distinguish legitimate VoIP traffic from trojans slipped into the network.
To protect against this threat, the briefing recommends IT administrators
isolate the VoIP network completely, using entirely separate networks
for voice and data traffic, or by connecting through a Virtual Private
Network (VPN). Other VoIP vulnerabilities explored in the briefing include
VoIP eavesdropping, Premium Rate Fraud and VoIP Spam.
This report also looks at how spyware and adware
applications take advantage of old browsers and operating system vulnerabilities.
VeriSign found that many of these malicious programs use the same operating
system vulnerabilities to install themselves on end-user computers.
Four exploits are commonly used to install spyware and adware: Exploit-ByteVerify,
JS/Exploit-HelpXSite, Exploit-ANIfile and JS/Exploit-MHTRedir.gen. Vendors
have released patches to remove all these vulnerabilities; in some cases,
vendors issued these patches years ago. VeriSign recommends prompt
installation of security patches to help prevent infections from these
programs.
‘VeriSign continues to be encouraged by the
increase in Internet use and commerce, but sees the significant growth
in adware and spyware vulnerabilities as a sign that the IT community
and end-users must remain diligent in protecting their systems,’ said
Judy Lin, executive vice president and general manager, VeriSign Security
Services. ‘In the third quarter of 2005, 65 per cent of medium to high
priority security events tracked by VeriSign were due to network vulnerabilities.
Even though patches are readily available for vulnerabilities, many
are not taking advantage of them, allowing hackers to exploit the same
vulnerability multiple times.’
This report draws on comprehensive data gathered
from VeriSign intelligent infrastructure, including DNS services, digital
certificates, Managed Security Services (MSS), Payment Services and
Fraud Protection Services. (In October 2005, VeriSign announced the
sale of its payment gateway assets to PayPal, an eBay company. The sale
is expected to close in Q4 2005.) The report also contains a new set
of metrics showing the number, severity and type of Internet software
security issues based on data from iDefense, which VeriSign acquired
in July 2005.
VeriSign will host a Web seminar to discuss
the briefing, hosted by Phillip Hallam-Baker, principal scientist, and
Buck Watia, malcode engineer, on November 15 at 11:00 am PST. For more
information, and to register for the seminar, please go to:
http://verisignevents.webex.com/verisignevents/onstage/g.php?d=277411477
The purpose of this briefing is to help the
Internet community and enterprise technology managers gain deeper insight
into evolving trends in Internet usage, security and fraud. The complete
briefing is available online at:
http://www.verisign.com/Resources/Intelligence_and_Control_Services_White_Papers/internet-security-briefing.html
About VeriSign
VeriSign, Inc. (Nasdaq: VRSN) operates intelligent infrastructure services
that enable and protect interactions across voice and data networks
— at any time, from anywhere on multiple devices.. Additional news and
information about the company is available at http://www.verisign.co.uk.
For more information, contact:
VeriSign Media Relations: Brendan P. Lewis, brlewis@verisign.com,
+1 650-426-4470
VeriSign Investor Relations: Tom McCallum, tmccallum@verisign.com,
+1 650-426-3744
Statements in this announcement other than historical
data and information constitute forward-looking statements within the
meaning of Section 27A of the United States Securities Act of 1933 and
Section 21E of the Securities Exchange Act of 1934. These statements
involve risks and uncertainties that could cause VeriSign's actual results
to differ materially from those stated or implied by such forward-looking
statements. The potential risks and uncertainties include, among others;
the ability of VeriSign to successfully develop and market new services
and customer acceptance of any new services, the risk that VeriSign's
announced strategic relationships may not result in additional products,
services, customers and revenues; increased competition and pricing
pressures. More information about potential factors that could affect
the company's business and financial results is included in VeriSign's
filings with the US Securities and Exchange Commission, including in
the company's Annual Report on Form 10-K for the year ended December
31, 2004 and quarterly reports on Form 10-Q. VeriSign undertakes no
obligation to update any of the forward-looking statements after the
date of this press release.
# # #
|
|
|
