IBM have just released their 2007 Midyear report. Here are the highlights:
*A vulnerability is defined as any computer-related exposure or configuration setting that may result in a weakening or breakdown of the confidentiality, integrity or accessibility of the computing system.
There were a total of 3,273 vulnerabilities* entered in the first half of 2007, a 3.3 percent decrease over the first half of 2006. More than half (51.6 percent) of the vulnerabilities in the first half of 2007 would allow an attacker to gain access to the host after successful exploitation.
Spam and Phishing
• The U.S., Poland and Russia are the three largest originators of spam worldwide, with the U.S. accounting for one eighth of worldwide spam.
• The U.S. continues to lead the world as the final Web destination for products promoted through spam e-mail messages. The U.S. hosts more than one third of spam-related Web sites.
• For the first time, spam message size decreased in the first half of 2007 rather than continuing on a linear growth pattern. This decrease corresponds with the decrease in image-based spam.
• Europe now accounts for the largest source of phishing e-mail, with Spain alone accounting for 17.9 percent of the worldwide volume.
• Almost half of all fraudulent phishing Web sites are hosted within the U.S.
Web Content
• “Unwanted” content decreased to 10 percent in the first half of 2007–down from 12.5 percent in 2006.
• Web sites that host pornographic or sex-related content account for 9.9 percent of the Internet.
• The U.S. continues to be the top hosting country for “unwanted” content such as violence and crime, pornography and sex, computer crime, and illegal drugs. This continues to mirror the observations from 2006.
This is obviously worrisome. The slight diminution in attacks should not put us into rest and relax mode; we need to keep on fighting against this kind of crime. I would also like to point you to the list of companies which were most targeted by phishing attacks. These were due to two reasons (in my opinion): either their popularity and large customer base, or the fact that their security systems are not as good. If the former, well, size has its downsides: you are visible and will get attacked.
But if the latter, then you had better work on these vulnerabilities. Read and reflect.
• Bank of The West
• Bank of America
• Branch Banking & Trust
• Chase
• Citibank
• Deutsche Bank
• E*Trade Financial
• eBay
• Fifth Third Bank
• National City
• North Fork Bank
• PNC Bank
• PayPal
• Postbank
• Regions Bank
• Sparkasse
• U.S. Bank
• Volksbanken Raiffeisenbanken
• Washington Mutual
• Western Union