Community

Symantec.com > Business > Internet Security Threat Report
The Symantec Security Response team conducts ongoing, in-depth research and analysis of current threat trends impacting users of the Internet. To better enable you to implement effective security measures, Symantec provides detailed reports of trends, impact and preventive measures that you can deploy to protect and manage your information.

Internet Security Threat Report 16,
April 2011

The Symantec Internet Security Threat Report provides an annual overview and detailed analysis of Internet threat activity, malicious code, and known vulnerabilities. The report also discusses trends in phishing, spam and observed activities on underground economy servers.


Symantec Connect Security Community

Read what Symantec's Security Response experts are writing about the latest edition of the Internet Security Threat Report.


Visit the Security Response Blog.

 

Other Resources

Regional Data Sheets

The following reports provide in-depth analysis on regional threat activity.

Did You Know: Internet Security Threat Report, 16
Learn about the latest threats and security trends covered in the Symantec Internet Security Threat Report (ISTR), a comprehensive source of Internet threat data that provides an overview and analysis of the year in global Internet threat activity. Play Video
ISTR 16: Cyber Threats Skyrocket in Volume and Sophistication
Join security expert Kevin Haley as he discusses highlights of the latest Symantec Internet Security Threat Report. Kevin will review high profile threats such as Hydraq and Stuxnet in 2010; discuss the security impacts of the growing popularity of social networks; review findings from the report on the future of mobile security; and share interesting results related to attack toolkits.

Symantec Intelligence Quarterly

Symantec Intelligence Quarterly offers analysis and discussion of threat activity over a three-month period and is intended to be a complement to the annual Symantec Internet Security Threat Report (ISTR). It covers Internet attacks, vulnerabilities, malicious code, phishing, spam and security risks.

Symantec Intelligence Quarterly, July – September 2010 Reports

There are two reports for the July – September 2010 quarter, as well as a summary of key findings, and a summary of best practices and methodologies from these latest reports.

Global Intelligence Quarterly Report

Europe, the Middle East, and Africa Intelligence Quarterly Report

Key Findings Summary

Best Practices and Methodologies Summary

Highlights & Trends

July – September 2010:
Previous Report, April – June 2010
 
The United States was the top country for malicious activity in this quarter, accounting for 23 percent of the total.
Last quarter, the U.S. accounted for 21 percent of the total.
 
Credit card information is the most commonly advertised item for sale on underground economy servers known to Symantec in this quarter, accounting for 23 percent of all goods and services.
Last quarter, credit card information accounted for 28 percent of the total.
 
The top Web-based attack for the quarter was related to the Microsoft Internet Explorer ADODB.Stream Object File Installation Weakness, which accounted for 36 percent of the total.
Last quarter, the top Web-based attack was related to malicious PDF activity, which accounted for 36 percent of the total.
 
The most common malicious code sample by potential infections during this quarter was the Sality.AE virus.
The Sality.AE virus was also the most common last quarter.
 
Symantec observed 14.6 trillion spam messages during this quarter, accounting for 91 percent of all email messages observed.
Last quarter, Symantec observed 12.7 trillion spam messages during this quarter, accounting for approximately 89 percent of all email messages observed.
 
The majority of brands used in phishing attacks this quarter were in the financial sector, which accounted for 73 percent of the total.
During the last quarter, the financial sector also accounted for 73 percent of the total.
 

Previous Global Reports of the Symantec Intelligence Quarterly

Symantec Intelligence Quarterly: Global Report (April – June 2010)

Symantec Intelligence Quarterly: Global Report (January – March 2010)

Symantec Intelligence Quarterly: Global Report (October – December 2009)

Symantec Intelligence Quarterly: Global Report (July – September 2009)

Internet Security Threat Report: Mid-Term Report

Attack Toolkits and Malicious Websites

Launching widespread attacks on networked computers used to be a task reserved for a rare few hackers – those with an extensive knowledge of programming. This is no longer the case. The advent of attack toolkits has lowered the bar significantly, opening the doors for anyone with a basic understanding of networking and computers to produce threats that exploit vulnerabilities.

These toolkits are used to enable the theft of sensitive information or to convert compromised computers into a network of botnets in order to mount additional attacks. They are advertised and sold in the online underground economy. Symantec believes that attack kits play a significant role in the continuing evolution of cybercrime into a self-sustaining, profitable, and increasingly organized economic model worth millions of dollars.

This report provides an in-depth look at the evolution of attack kits, their features and how hackers use them to lure in victims, especially online. The report also provides mitigation techniques to help protect your organization from the sophisticated attacks created by these toolkits.

Executive Summary: Symantec Report on Attack Kits & Malicious Websites

Symantec Report on Attack Kits & Malicious Websites

Additional Resources

Mid-Term Report Press Kit

Video: Attack Toolkits in 90 Seconds

Video: Scary Internet Stuff: Web Attack Toolkits

Archive

Download any of our past Internet Security Threat Reports.


Internet Security Threat Reports
download guide
©1995 - 2013 Symantec Corporation
Site Map|
Legal Notices|
Privacy Policy|
Cookies|
Contact Us|
Global Sites|
License Agreements