Earlier this month Microsoft released the sixth version of its Security Intelligence Report (SIR). This report compiles and analyzes data from hundreds of millions of computers worldwide as well as some of the busiest online services. This very comprehensive report draws out recent trends in software security and indentifies areas of vulnerability. This most recent version used data from July to December 2008.
This Microsoft SIR found a few interesting trends. The first is the proliferation of security exploits using common file extensions. Software and email security has gotten better at blocking dangerous file extensions like .exe, but hackers have recently changed their tactics to exploit common file types like Adobe PDF (.pdf) and Microsoft Powerpoint (.ppt). PDF exploits in particular saw a dramatic rise in 2008. Adobe has since addressed this issue with critical updates issued in March.
The Microsoft report also states that more than 97% of all email messages sent across the internet are unwanted spam. This number is down slightly over last year, when spam accounted for over 98% of all emails sent. The top content of all this spam was pharmaceutical ads, which account for 48.6% of all spam messages. In the second half of 2008, sexually oriented pharmacy ads declined dramatically, but the overall number of pharmacy spam remained fairly constant. Maybe Viagra is too easy to come by nowadays? Also worth noting is the dramatic decline in stock market spam and the increase of financial and get rich quick spam. This seems to correlate well with the financial turmoil experienced during the same time.
There was also a dramatic decrease in overall spam phishing impressions in November, due to the McColo de-peering. Levels spiked again in December, presumably because spammers found a new place to send their messages from. It’s also interesting to note that the US hosts more phishing sites than anywhere else in the world, with Texas being the state with the most hosts.
The Microsoft SIR highlights the recent trend in rogue security software. These rogue distributors use fear and social engineerng techniques to lure victims into paying for full versions of bogus security software.
For a summary of this massive Microsoft Security Intelligence Report, download the summary from Microsoft. The full version with 184 pages of analysis is also available at the same link.
