WebSense 2010 Threat Report

WebSense has published its 2010 Threat Report.  I have only just started reading the report, but the page that it is posted on provides these highlighted findings, affirming that while broad threats continue, focused, targeted attacks are on the rise:

  • 111.4% increase in the number of malicious websites from 2009 to 2010
  • 79.9% of websites with malicious code were compromised legitimate sites
  • 34% of malicious Web/HTTP attacks included data-stealing code
  • 52% of data-stealing attacks were conducted over the Web
  • 89.9% of all unwanted emails during this period contained links to spam sites and/or malicious websites
  • The US and China continued to be the top 2 countries hosting crimeware and receiving stolen data during 2010
  • The Netherlands has found its way into the top 5 countries hosting crimeware and receiving stolen data
  • Searching for breaking news represented a higher risk (22.4%) than searching for objectionable content (21.8%)
  • 23% of real-time search results on entertainment lead to a malicious link
  • 40% of all Facebook status updates have links and 10% of those links are either spam or malicious

The Websense report also analyzes recent headline-grabbing attacks such as Aurora, Stuxnet, and Zeus, and others for malicious and data stealing code.  Also featured are statistics on the top five hosts of data-stealing code, a deep analysis of social Web content and threats, and an in-depth link analysis of top social networks.

Get the full report from here!


Eliminate The “Cyber” from Cyber-Crime

-=] RANT ALERT! [=-

Finally, I see that others are beginning to come around.  Notice that I try hard to steer away from the use of the term “cyber” when dealing with Incident Response or crime stories.  I despise the use of “cyber” as a way to indicate and differentiate online crime from other forms of criminal activity, unless it serves some special, definable purpose.  Fraud perpetrated electronically is no different than fraud perpetrated using the snail-mail system, forgery, or through any other scam.  One exception might be if we are parsing the various tpyes of fraud out for comparison:

  • Cyber-crime
  • Violent-crime
  • Street-crime
  • Hate-crime

Crime perpetrated online is just crime, perpetrated online.  Criminals that use the internet and technology to fleece their marks are just criminals with a modern set of tools and a newer medium for plying their trade.  An online attack to cripple a country’s Internet access is a combat tactic, not “cyber-warfare”.  An electronic attack to cripple a country’s radar capabilities is a combat tactic, not “radar-warfare” (although back in the 80’s it was sometimes referred to as “Electronic warfare” or jamming). 

I hope but do not expect that the media will eventually abandon the all too catchy term “cyber” and start calling it what it is.