IT | Security

Microsoft Security Intelligence Report V. 9

By: Absolute Team | 10/26/2010

Microsoft just released the 9th volume (Jan - June 2010) of its Security Intelligence Report (SIR), which, for this edition, focuses on botnets and their role in the malware landscape. The report also includes some defense strategies against botnets.

Bots, like other malware, are spread through gaps in security policies, exploiting security vulnerabilities and through social engineering tactics. The report recommends that both offensive and defensive tactics be used to protect organizations and individuals from botnet threats:

"Botnet detection using static and behavioral analyses and defense tactics such as honeypots and darknets are important aspects of the fight against botnets."

Some key findings from the report:

  • The locations with the most computers cleaned by Microsoft desktop anti-malware products were the US, Brazil, China and France
  • The first six months of 2010 saw a decline in the total number of breach incidents reported. Microsoft hypothesized that this downward trend may be related to the overall decline in worldwide economic activity over the same time period.
  • The largest single category of incidents involved stolen equipment, with 30.6 percent of the total.
  • Malicious incidents (those involving "hacking" incidents, malware, and fraud) routinely account for less than half as many incidents as negligence (involving lost, stolen, or missing equipment; accidental disclosure; or improper disposal)
  • Improper disposal of business records is the second largest source of breach incidents related to negligence, and the third largest source of incidents overall.

The report is now available in a fantastic web format, so it's very easy to browse through without needing to download. Check it out here and be sure to read the section on mitigating security breaches here. For more lovely stats, also be sure to check out the Q3 threat report from Sophos.