It was another "exciting" year in security. Symantec released its annual Threat Report. I had a chance to speak with the folks at Symantec and get a brief on the report.
There is a lot of great information in this year's edition. For the 2011 report, the Symantec folks have really jazzed up the graphics to illustrate "the year in security." I am embedding two of those graphics here. The first is an infographic with some totals of what the year looked like compared to previous years. If 2011 was the beginning of the age of "big data," this past year was the age of big numbers in security.
The sheer numbers of attacks, IDs stolen, spam sent, and viruses and other malware discovered are so large that it is hard to wrap your head around them. One bright spot is that the amount of spam being sent appears to have dropped. This could be due to the takedown of several large spambots, or it could be a shift to more targeted attacks versus mass-market spam.
Also, it seems that pharmaceutical spam is down significantly from last year. Haven't been seeing as many of those Viagra and Cialis mails recently, I guess. Another key metric for me was that 50% of all targeted attacks were against SMBs, not large enterprises. For those of you reading this thinking that your mid-size company is not being targeted, think again. Everyone is a target. If you are an executive, you are much more likely to be targeted with malware and spearphishing.
One metric that surprised me was that general mailboxes (like info@ or support@) were the second-largest group of email boxes to come under attack. Another bright spot was that it seems the number of zombies is down. Similar to spam, this may be a case of taking down several large command-and-control centers for several large bot networks. But before you pop the champagne corks, the numbers, while down, are still pretty high. The same goes for spam, for that matter, with about 42 billion spam messages a day.
One thing that I asked the Symantec folks about was whether they measured anything on open source being more or less secure. Though they measure vulnerabilities found, they didn't break them down by open source or not, so they had no real insight there. The second graphic I am putting in here is a month-by-month breakdown of security events for the year. This is a pretty novel way of displaying this data. It gives you a good sense of how prevalent security incidents are, as well as what we are up against. Take a minute to review the year and see how many of these you remember.