Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Symantec Intelligence
Showing posts in English
Ben Nahorney | 14 Nov 2013

Welcome to the October edition of the Symantec Intelligence report. Symantec Intelligence aims to provide the latest analysis of cyber security threats, trends, and insights concerning malware, spam, and other potentially harmful business risks.

This month we saw one of the largest data breaches in a number of years, where 150 million identities were exposed due to this one breach. This has more than doubled the number of identities exposed so far this year, when compared to our previous numbers through September.

October also saw an increase in the number of targeted attacks. These numbers are up fivefold compared to September, and even surpassing previous Octobers in 2011 and 2012, though still much lower than their peaks this summer.

When comparing the size of the targeted organizations, we see that a majority of attack attempts are against large corporations with...

Ben Nahorney | 18 Sep 2013

In this month’s report we take a look at social media scams so far in 2013. What we have noticed is that fake offerings, such as bogus opportunities for discount purchases, has dominated the social landscape this year, making up 82 percent of all social media attacks.

In the realm of data breaches, August saw a decrease in the number of breaches, with seven reported during the month. However, there were a further nine breaches reported in August that had occurred earlier in the year, bringing the total to 125 breaches resulting in a total of 91 million identities being exposed in 2013 so far.

In other news, 213 new mobile malware variants were discovered this month, a modest increase since July, but nowhere near the numbers we saw in June. There were 469 new vulnerabilities discovered in August, a 13 percent increase compared to the total in August of 2012.

The global spam rate fell 2.4 percentage points from July to 65.2 percent. The top-level domain for...

Darragh Cotter | 25 Jul 2013

Symantec’s Internet Security Threat Report (ISTR) is an annual report which provides an overview and in-depth analysis of the online security landscape over the previous year. The report is based on data from Symantec’s Global Intelligence Network, which Symantec analysts use to identify, analyze, and provide commentary on emerging trends in cyberattacks, malicious code activity, phishing, and spam as well as the wider threat landscape trends in general.

The latest release, ISTR volume 18, may be considered the most comprehensive and detailed to date. Among other findings, the report incorporated up-to-date data and analysis on targeted attacks, data breaches, malware, spam, vulnerabilities, and mobile malware.

Everyone in Symantec is extremely proud of the ISTR; however, this is no time to rest on our laurels. We are constantly looking to improve the quality of our...

Ben Nahorney | 13 Jun 2013 | 0 comments

As the seasons change and we move from spring into summer, we’ve released the May Symantec Intelligence Report with a new look and feel. For this issue, we’ve focused on a few select topics that we've looked at over the months in the report, and also a few that we highlighted in this year's Internet Security Threat Report.

For starters we’ve taken a look at data breaches. Symantec and the Ponemon Institute have just released their annual Cost of a Data Breach report, which covers trends seen in 2012. Looking ahead into the New Year, we cover what has happened so far in 2013, where the number of data breaches is up for...

Ben Nahorney | 16 May 2013

As the urban legend goes, the bank robber Willie Sutton was asked why he robbed banks. “Because that’s where the money is,” he is attributed as saying. While Sutton has long since distanced himself from the statement, the concept resonates with many people, to the extent that it’s been used to describe principles in accounting and even medicine.  

This principle also holds true in the world of Internet security. In the latest version of the Internet Security Threat Report we discussed the major trends in the spam world, where the percent of spam email continues to decline while more and more social networks are being targeted. Given the growth of social networking in recent years as a...

Ben Nahorney | 12 Feb 2013 | 0 comments

In this month’s report, we find that the email malware rate has dropped significantly since December, where only one in 400 emails containing a virus in January. This is the lowest virus rate we’ve seen since 2009. It could indicate that email virus distributors took a break after the holiday season, or that they have continued to migrate away from email as a choice for malicious payload delivery. We’ll watch this trend carefully to see if it continues to drop off.

In other news this month, Valentine’s Day spam is in full swing. Such spam generally arrives as an ecard during this time of year, preying upon a potential victim’s curiosity about a potential secret admirer—a situation where a legitimate email would likely arrive unsolicited in the first place. Unfortunately many such emails around this time of year do not lead to unexpected romance, but rather fake bargains, phishing attempts, or malicious code. More details on these scams can...

Paul Wood | 11 Jan 2013 | 0 comments

In December’s Symantec Intelligence Report we take a closer look at our worldwide stats on the threat landscape. For the month of December, the United States claimed the dubious honor of being the largest source of spam at 12.7%, phishing scams at 24.2%, and virus attachments at 40.9% globally. It’s not unusual for the US to top one or two of these three categories, though claiming the triple crown of risk-based distribution is a little less common.

In other country news, Norway has jumped up to become the most targeted country for phishing attacks, as we’ve determined that 1 in 81.4 emails in the country were phishing attempts in December. Norway also came in second biggest source country, distributing 20.2% of all worldwide phishing attacks. The reasons why one country would jump like this are often varied, but likely due to a concerted...

Ben Nahorney | 10 Dec 2012 | 1 comment

It seems that everywhere you turn this year, there’s news of another data breach. Sometimes it’s a laptop stolen, other times it’s hackers compromising a database. No matter how they occur, each breach leads to someone’s identity being exposed. Whether or not this exposure leads to identity theft, there’s no doubt that the risk involved, and the frequency that these breaches are occurring makes data breaches one of the top security issues of 2012.

In this month’s Symantec Intelligence Report, we examine the types of data that is often stolen during a data breach. It turns out the most commonly stolen information is more personal than you might first expect: a person’s real name is more likely to be stolen than a username or password.

Overall, the median number of identities stolen per breach...

Takashi Katsuki | 19 Nov 2012 | 0 comments

Initially, I thought that Backdoor.Makadocs was a simple and typical back door Trojan horse. It receives and executes commands from a command-and-control (C&C) server and it gathers information from the compromised computer including the host name and the operating system type. Interestingly, the malware author has also considered the possibility that the compromised computer could be running Windows 8 or Windows Server 2012.

Figure 1. Operating Systems check

Windows 8 was released in October of this year. This is not necessarily a surprise for security researchers as we always encounter new malware when new...

Paul Wood | 13 Nov 2012 | 0 comments

In this month’s report we investigate a new social networking avenue that scammers are attempting to leverage: Instagram. They’re doing so in order to gather personal details and persuade users to sign up for premium-rate mobile services, among other things, generally by creating fake accounts:

The scams take on a number of forms, from spam comments, to fake followers, to liking photos in the hopes people will check out their profiles, which in turn often contain more spam links.

We’ve also noticed a significant drop in email spam volumes this month. The global spam rate has dropped by more than 10%, from 75% of email traffic in September, down to 64.8% in October. It’s good news overall, resulting in a 50 percent drop in spam volume over a two-month period.  We take a look at some of the likely causes for this significant drop.