SOURCE: VeriSign, Inc.

December 16, 2008 12:17 ET

Cyber Security Reaches "Tipping Point" in 2008; Attacks on Critical Infrastructure Systems and Cyber Warfare Will Increase in 2009

New VeriSign iDefense Report Looks Back at 2008's Most Serious Security Threats; Outlines New Trends and Security Disruptors to Develop in 2009

MOUNTAIN VIEW, CA--(Marketwire - December 16, 2008) - The year 2008 was a time security threats and malicious activity reached a tipping point, and 2009 stands to be the year critical infrastructure systems become prime targets for cyber criminals and the global financial crisis will be exploited for a variety of malicious activities, according to a new report released today from VeriSign (NASDAQ: VRSN) iDefense Security Intelligence Services.

The report, "2009 Cyber Threats and Trends" seeks to aid education efforts about cyber security threats facing networks, enterprises and end-users by highlighting important trends that emerged in 2008, and attempts to predict security trends and disruptors that may develop in 2009 with lasting consequences for businesses in the coming decade.

Over the course of the past year, cyber crimes continued to increase in both frequency and severity thanks to new exploits and organizations to perpetrate them. Cyber Cartels, groups of young and modern cyber criminals likened by VeriSign iDefense to drug cartels of the 1980s, targeted commercial -- not individual -- banking accounts for fraud operations and security measures meant to protect those accounts and routinely defeated the protections.

Additionally, cyber warfare has become a reality in today's political climate, and several regions are seeing a rise in politically and financially motivated activities. According to VeriSign iDefense, Russian hackers are the most effective group when it comes to cyber fraud, while Chinese hackers utilize amateur hacking groups for low-level espionage operations.

"The cyber security landscape has fundamentally changed where 'script kiddies' no longer perpetrate the lion's share of malicious activity online," said Jason Greenwood, vice president and general manager, VeriSign iDefense Security Intelligence Services. "Professionalized cyber criminals, the rise of cyber cartels or extremists using online fraud as a means to fund their operations, and cyber espionage and warfare show how we have entered a new era of online security threats."

2009 Predictions and Long-Term Disruptors include:

--  Critical Infrastructure, notably the Supervisory Control and Data
    Acquisition systems (SCADA) that operate them, will likely see increased
    attacks in 2009.  SCADA systems are used to deliver such services as
    electrical power transmission, oil and gas pipelines, large communications
    systems, and water treatment and distribution
--  The current global financial crisis will provide unprecedented
    opportunities for cyber criminals or spies to exploit the turmoil caused by
    the crisis and the resulting institutional mergers, acquisitions, and
    collapses
--  The FastFlux infrastructure, which uses computers compromised by
    botnets to maintain dispersed and untainted IP space for criminal ventures
    such as phishing, will likely see increased use.  This will make current
    phishing takedown measures less effective and will require security
    professionals and institutions, which are often the targets of phishing
    attacks, to come up with new defense measures
--  Cyber Warfare has gone from a purely theoretical tool to a technically
    practical, common component of most political arguments.  VeriSign iDefense
    believes organizations or groups aligned with Russia will perpetrate the
    majority of these attacks
--  Middle Eastern cyber cartels will likely increase online fraud
    operations to support their agendas
    

"Though we have outlined a number of trends we expect to see in 2009, we also believe other disruptors will begin in the coming year and will pose hardships for security professionals in the years to come," said Rick Howard, Intelligence Director, VeriSign iDefense Security Intelligence Services. "The increased use of mobile phone platforms, virtual worlds, and the interconnection of devices with the implementation of IPv6 will provide new attack vectors that must be considered now, before they take hold."

VeriSign iDefense will conduct a webinar to discuss the 2009 Cyber Threats and Trends Report on Wednesday, December 17, 2008 at 2:00 P.M. EST. More information on the webinar, and information for signing up to attend can be found at:

http://www.verisign.com/security-intelligence-service/info-center/webcasts/index.html

About VeriSign, Inc.

VeriSign, Inc. (NASDAQ: VRSN) is the trusted provider of Internet infrastructure services for the networked world. Billions of times each day, VeriSign helps companies and consumers all over the world engage in communications and commerce with confidence. Additional news and information about the company is available at www.verisign.com.

Statements in this announcement other than historical data and information constitute forward-looking statements within the meaning of Section 27A of the Securities Act of 1933 and Section 21E of the Securities Exchange Act of 1934. These statements involve risks and uncertainties that could cause VeriSign's actual results to differ materially from those stated or implied by such forward-looking statements. The potential risks and uncertainties include, among others, the uncertainty of future revenue and profitability; potential fluctuations in quarterly operating results due to such factors as the risk that VeriSign's announcements may not result in additional products, services, customers, profits or revenues; and increased competition and pricing pressures. More information about potential factors that could affect the company's business and financial results is included in VeriSign's filings with the Securities and Exchange Commission, including in the company's Annual Report on Form 10-K for the year ended December 31, 2007 and quarterly reports on Form 10-Q. VeriSign undertakes no obligation to update any of the forward-looking statements after the date of this press release.