Microsoft's Security Intelligence Report volume 15 analyzes online security threats encountered across the globe from January to June 2013 on more than 1 billion systems. It is broken down into "in-depth perspectives" on vulnerabilities, exploits, malware, email threats, malicious websites, cloud security and best tips for mitigating risk.
New for this report, Microsoft talks about “encounter rates”: the total number of computers that encountered malware, compared to the total number of computers infected with malware and cleaned with Microsoft's Malicious Software Removal Tool. Worldwide, 17 out of every 1,000 computers encountered malware, but only six out of every 1,000 were infected and cleaned. In the U.S., during the first half of 2013, 11.51% of PCs encountered malware, but only 8 of every 1,000 were infected and cleaned.
The evils of still running Windows XP play nicely into this theme of malware encounter and infection rates. If you are still running XP, Microsoft's answer to this conundrum is to update to Windows 8. Although some people love Windows 8, it seems like a train wreck when used on a PC or non-touchscreen-friendly laptop.
But, according to Tim Rains, director of Microsoft Trustworthy Computing, the data from this newest Security Intelligence report illustrates "the positive impact that security innovations in newer operating systems are having. Modern operating systems such as Windows 8 include advanced security technologies that are specifically designed to make it harder, more complex, more expensive and, therefore, less appealing for cybercriminals to exploit vulnerabilities." In fact, a large portion of Rains' post is devoted to the dangers of clinging to XP.
Separately, in a post about HP's Zero Day Initiative and verifying kernel-level vulnerabilities, Dave Weinstein wrote about how a framework to prove exploitation became more complicated and required more steps when targeting Windows 8 and Windows 8.1. So, like it or not, you will probably get hammered if you stay on XP beyond April 8, 2014, when all XP support and security updates end.
Microsoft's SIR is always interesting as it drills down to extreme details. You should probably check it out, but here are a few "overall" detail graphs for some categories.
Below is one example from email threats, specifically spam blocked by Exchange Online Protection filters.
Like each of the security topics covered in SIR, the malicious website section is extremely detailed, covering phishing, drive-by downloads and malware hosting sites, and concluding with guidance for protection. The graph below covers categories of malware found at sites blocked by SmartScreen Filter in 1H13.
Cloud security -- trillions of logs and events to review
Before diving into cloud security, such as Domain Name System (DNS) attacks and DDoS attacks, Microsoft gave a migraine-inducing example of the challenges cloud incident response teams face.
The infrastructure required to serve hundreds of millions of customer accounts on every continent generates an astronomical amount of data in the form of logs, alerts, and other telemetry. Over the course of one recent month, the domain controller logs for servers that manage primary Microsoft production environment domains generated 57.1 billion Windows security events. Add in network data (including NetFlow telemetry), firewall events, and intrusion prevention system (IPS) events, and event counts easily reach the trillions. And that's primarily from non-virtual systems!
Microsoft most assuredly sees more threats than most, placing it in a unique position to share security threat details and guidance to mitigate risk. Grab your copy of SIRv15.
Follow me on Twitter @PrivacyFanatic