Cyber criminals worked furiously in 2009

eBook: The DevOps Roadmap for Security - Tips and tools for bridging the security tribe into DevOps. Download →

Symantec’s Security Responce team took it upon itself to gather information from various sources and thousands of experts and compile a list of threats that marred the information security landscape this past year.

As they shared on their blog, cyber criminals have been very busy in 2009 – there have been 403 data breaches, 43 million fake security software installation attempts have been detected, the amount of malware-bearing spam emails has seen a nine-fold increase and 14.4 million drive-by download attempts just in a two-month period!

The scope of Internet threats has really grown wide:

  • As mentioned before, the number of spam emails with malware in the attachment has risen spectacularly
  • Social networking sites (like Facebook and Twitter) and their users became a commonplace target
  • Fake security software also became a common occurrence
  • Toolkits and threat recycling have made malware easier to create than ever
  • Criminals are efficiently using botnets to organize attacks
  • Hot news topics (disasters, deaths of celebrities, diseases) are used for luring unsuspecting victims to sites where they get infected by malware
  • Overall spam volume is back to the levels we have witnessed prior to the shutdown of McColo
  • Malware mutates at a faster speed, making it nearly impossible to detect by traditional antivirus software.

The only thing that gives us hope for the future is that international cooperation has become a more widespread occurrence and an effective weapon in the fight against these threats. Symantec experts also predict that a big factor in getting the upper hand in this fight in 2010 will be a reputation-based approach to security.