‘Tis the season for 2011 threat reports to start emerging, and here is Cisco’s contribution. The Q4-11 report covers the period from 1 October 2011 through 31 December 2011. This quarter’s contributors were Cisco Intrusion Prevention System (IPS), Cisco IronPort, Cisco Security Research and Operations (SR&O), and Cisco ScanSafe.
Highlights from the Cisco 4Q11 Global Threat Report include:
- An overall average of 362 Web malware encounters per month occurred throughout 2011.
- Enterprise users experienced an average of 339 Web malware encounters per month in the quarter.
- The highest average rate of encounters occurred during September and October (698 and 697).
- An average of 20,141 unique Web malware hosts were encountered per month in 2011, compared to 14,217/month in 2010
- During 4Q11, 33% of Web malware was zero-day, not detectable by traditional signature-based methodologies.
- The rate of SQL injection signature events remained steady, with a slight decrease observed as the quarter progressed.
- Denial-of-service events increased slightly over the course of 4Q11.
- Global spam volumes continued to decline throughout 2011.
The new Cisco Security Intelligence Operations (SIO) portal provides early-warning intelligence, threat and vulnerability analysis, and proven Cisco mitigation solutions to help protect your network. Cisco Global Threat Reports, as well as previous publications, including the Cisco Annual Security Reports, are now located there.
Download a copy of the Cisco 4Q11 Global Threat Report.