Trend Micro held its annual analyst event last week in San Diego. While the weather was beautiful and the beach beckoned, Trend Micro security experts traded war stories. Of these, CTO Raimund Genes highlighted some very scary security statistics with the audience. For example:
* There were over 1 million new unique malware samples discovered in each of the past two quarters. Unlike the worms and mass-mailers of the past, many of these new samples were extremely targeted to particular industries, companies, and even users.
* Once PCs are infected they tend to stay infected. Eighty percent stay infected for more than a month and the median length of infection is 300 days.
* Of all compromised IP addresses, 75% are consumers and 25% are business users. This tells me that businesses have a real problem on their hands -- key loggers are stealing your IP and user credentials as you read this.
* More than 1.3 million banner ads are replaced each day with advanced click fraud operations. Also, more than 10m Google toolbar queries are highjacked each day.
* Fake security software is a big business. More than 100k users receive a "you are infected" message when viewing questionable web sites. Trend also mentioned that there are over 48k fake security software offerings per month. What could be worse than getting scammed by someone selling PC security and thus protection?
These statistics have become routine in my world but I don't believe that most people have any idea how bad things are. The reality is that they are far worse than they think.
As I've written many times lately, October is National Cybersecurity Awareness Month. I hope that these blogs help educate users about frightening trends like these before Halloween signifies the end of the month and another missed opportunity.