Threat Activity Trends | Spam and Fraud Activity Trends | Malicious Website Activity | Analysis of Malicious Web Activity by Attack Toolkits | Analysis of Web-based Spyware and Adware Activity | Analysis of Web Policy Risks from Inappropriate Use | Analysis of Website Categories Exploited to Deliver Malicious Code | Bot-infected Computers | Analysis of Mobile Threats | Data Breaches that Could Lead to Identity Theft
Malicious Website Activity
BackgroundThe circumstances and implications of Web-based attacks vary widely. They may target specific businesses or organizations, or they may be widespread attacks of opportunity that exploit current events, zero-day vulnerabilities, or recently patched and publicized vulnerabilities that some users have yet to protect themselves against. While major attacks may have individual importance and often receive significant attention when they occur, examining overall Web-based attacks provides insight into the threat landscape and how attack patterns may be shifting. Analysis of the underlying trend can provide insight into potential shifts in Web-based attack usage and can assist in determining if attackers are more or less likely to employ Web-based attacks in the future.
MethodologyThis metric assesses changes to the prevalence of Web-based attack activity by tracking the trend in the average number of malicious websites blocked each day by users of Symantec.cloud Web security services, for websites that have been compromised and contain malicious code. Underlying trends observed in the sample data provide a reasonable representation of overall malicious Web-based activity trends.
This reflects the rate at which websites are being compromised or created for the purpose of spreading malicious content. Often this number is higher when Web-based malware is in circulation for a longer period of time to widen its potential spread and increase its longevity. As detection for Web-based malware increases, the number of new websites blocked decreases and the proportion of new malware begins to rise, but initially on fewer websites.
- The average number of malicious websites blocked each day rose by 36.0% in 2011 to 4,595, compared with 3,379 in 2010.
- In 2011, the number of malicious domains blocked rose to 55,294 compared with 42,926 in 2010, an increase of 28.8%.
- Further analysis of malicious code activity may be found in Appendix X: Malicious Code Trends - Top Malicious Code Families.