Symantec has released the MessageLabs Intelligence: 2010 Annual Security Report, which details the changing nature of criminal malware attacks during the last year, as well as offering some predictions for what to be wary of in 2011.
Highlights of the report include:
- The average global spam rate for the year was 89.1%, an increase of 1.4% compared with 2009. The proportion of spam sent from botnets was much higher for 2010, accounting for approximately 88.2% of all spam.
- Despite many attempts to disrupt botnet activities throughout 2010, by the end of the year the total number of active bots returned to roughly the same number as at the end of 2009, with approximately five million spam-sending botnets in use worldwide.
- The average rate for malware in email traffic was 1 in 284.2 emails (0.352%), almost unchanged when compared with 1 in 286.4 (%) for 2009.
- The Stuxnet Trojan made tangible the potential for malware to materially impact industrial control system hardware and cause significant disruption beyond cyberspace.
- The threat from targeted email attacks - which have the ultimate aim of gaining access to specific sensitive data, corporate intellectual property or access to confidential internal systems – has not diminished in 2010.
- The average number of web sites blocked as malicious each day rose to 3,188 compared with 2,465 in 2009; an increase of 29.3%. In 2010, MessageLabs Intelligence identified malicious web threats on 42,926 distinct domains, the majority of which were compromised legitimate domains.
- Many social networking platforms and social media web sites were being routinely abused and exploited; for example, by providing a rich seam from which personal information can be tapped about an individual in reconnaissance as a prelude to a more targeted attack.
For the 2011 forecasts, Symantec identifies security issues surrounding the increasingly mobile workforce, the migration towards Cloud-based services, malware specialization, automation of targeted attacks, the use of news trends for delivery, botnet control through steganography, router vulnerabilities, and the prevalence of URL shortening services.