Security firm Symantec has released it's 11th Internet Security Threat Report, and if accurate (no reason to doubt that it is), it makes for some very grim reading indeed. I have taken some key findings from the summary which warrant highlighting:
- Symantec recorded an average of 5,213 denial of service (DoS) attacks per day, down from 6,110 in the first half of the year.
- Microsoft Internet Explorer was targeted by 77 percent of all attacks specifically targeting Web browsers.
- Symantec observed an average of 63,912 active bot-infected computers per day, an 11 percent increase from the previous period.
- China had 26 percent of the world’s bot-infected computers, more than any other country.
- Israel was the highest ranked country for malicious activity per Internet user, followed by Taiwan and Poland.
- Seventy-eight percent of malicious code that propagated did so over SMTP, making it the most commonly used propagation mechanism.
- Malicious code using peer-to-peer to propagate rose from 23 percent of all propagating malicious code in the first six months of 2006 to 29 percent in the last half of the year.
- The Symantec Probe Network detected a total of 166,248 unique phishing messages, a six percent increase over the first six months of 2006. This equates to an average of 904 unique phishing messages per day for the second half of 2006.
- Between July 1 and December 31, 2006, spam made up 59 percent of all monitored email traffic. This is an increase over the first six months of 2006 when 54 percent of email was classified as spam.
Most worrying, the report calculates that during the period of study, they counted more than 6 million machines infected by bots. This is particularly tied to the problem of spam, as infected machines are taken over to serve unsolicited messages. A global army of six million zombies can do a lot of damage, and guess what? It is doing a lot of damage! The report does not call for regulatory solutions, but for technical ones. The proposed solution to the bot problem could be for ISPs to filter known bot traffic, which would considerably hinder the network. One problem with this is that the bot-owners will start changing their traffic patterns, and maybe even encrypting communications.
I may be feeling bleak today, but this report depressed me. *Think happy thoughts, think happy thoughts*