It was another "exciting" year in security. Symantec released its annual Threat Report. I had a chance to speak with the folks at Symantec and get a brief on the report.
There is a lot of great information in this year's edition. For the 2011 report, the Symantec folks have really jazzed up the graphics to illustrate "the year in security." I am embedding two of those graphics here. The first is an infographic with some totals of what the year looked like compared to previous years. If 2011 was the beginning of the age of "big data," this past year was the age of big numbers in security.
The sheer numbers of attacks, IDs stolen, spam sent, and viruses and other malware discovered are so large it is hard to wrap your head around them. One bright spot is that it appears the amount of spam being sent has dropped. This could be due to the takedown of several large spambots, or it could be a shift to more targeted attacks versus mass-market spam.
Also, it seems that pharmaceutical spam is down significantly from last year. I haven't been seeing as many of those Viagra and Cialis mails recently, I guess. Another key metric for me was that 50% of all targeted attacks were against SMBs, not large enterprises. For those of you reading this thinking that your mid-size company is not being targeted, think again. Everyone is a target. If you are an executive, you are much more likely to be targeted with malware and spearphishing.
One metric that surprised me was that general mailboxes (like info@ or support@) were the second-largest group of email boxes to come under attack. Another bright spot was that it seems the number of zombies is down. As with spam, this may be a case of taking down several large command and control centers for several large bot networks. But before you pop the champagne corks, the numbers, while down, are still pretty high. The same goes for spam, for that matter, with about 42 billion spam messages a day.
One thing that I asked the Symantec folks about was whether they measured anything on open source being more or less secure. Though they measure vulnerabilities found, they didn't break them down by open source or not, so they had no real insight there. The second graphic I am putting in here is a month-by-month breakdown of security events for the year. This is a pretty novel way of displaying this data. It gives you a good sense of how prevalent security incidents are, as well as what we are up against. Take a minute to review the year and see how many of these you remember.
As co-founder and Managing Partner at The CISO Group, Alan Shimel is responsible for driving the vision and mission of the company. The CISO Group offers security consulting and PCI compliance management for the payment card industry. Prior to The CISO Group, Alan was the Chief Strategy Officer at StillSecure. Shimel was the public persona of StillSecure as it grew from startup to helping defend some of the largest and most sensitive networks in the world.
Shimel is an often-cited personality in the technology community and is a sought-after speaker at industry and government conferences and events. His commentary about the state of security, open source and life is followed closely by many industry insiders via his blog and podcast, "Ashimmy, After All These Years" (www.ashimmy.com). Alan is now also a regular contributor to The CISO Group’s security.exe blog and podcast.
Alan has helped build several successful technology companies by combining a strong business background with a deep knowledge of technology. His legal background, long experience in the field, and New York street smarts combine to form a unique personality.
Disclosure: The CISO Group sells a software-as-a-service PCI compliance application called SAQPro. The company is independent and does not represent any other vendor's products as a reseller.