Home / News

Spam Peaked at 200 Billion per Day in 2008, Botnets Nexus of Criminal Activity, Says Cisco

In a 52 page security report released by Cisco, the company has confirmed what has been consistently been observed through out this year: "the Internet-based attacks are becoming increasingly sophisticated and specialized as profit-driven criminals continue to hone their approach to stealing data from businesses, employees and consumers." The 2008 edition of the report has specified the year's top security threats and offers recommendations for protecting networks against attacks that are propagating more rapidly, becoming increasingly difficult to detect, and exploiting technological and human vulnerabilities.

Among some of the more specific threats across the web, the study identifies spam accounting for nearly 200 billion messages each day, approximately 90% of worldwide email. The United States is the biggest source at 17.2 percent. Other countries who contribute spam include Turkey (9.2 percent), Russia (8 percent), Canada (4.7 percent), Brazil (4.1 percent), India (3.5 percent), Poland (3.4 percent), South Korea (3.3 percent), Germany and the United Kingdom (2.9 percent each).

Some of the notable trends, as identified by the study, include:

  • The overall number of disclosed vulnerabilities grew by 11.5 percent over 2007.
  • Vulnerabilities in virtualization technology nearly tripled from 35 to 103 year over year.
  • Attacks are becoming increasingly blended, cross-vector and targeted.
  • 90 percent growth in threats originating from legitimate domains, nearly double what was seen in 2007.
  • The volume of malware successfully propagated via e-mail attachments is declining. Over the past two years (2007-2008), the number of attachment-based attacks decreased by 50 percent from the previous two years (2005-2006).

The report also suggests the following as top trends to be watched in the coming year:

  • Insider threats. Negligent or disgruntled employees can threaten corporate security. The global economic downturn may prompt more security incidents involving employees, making it crucial for IT, HR, and other lines of business to collaborate on mitigating threats.
  • Data loss. Whether through carelessness, breaches by hackers, or from insiders, data loss is a growing problem that can lead to grave financial consequences. Technology, education and clear, well-enforced data security policies can make compliance easier and reduce incidents.
  • Mobility, remote working, and new tools as risk factors. The trend toward remote working and the related use of Web-based tools, mobile devices, virtualization, "cloud computing" and similar technologies to enhance productivity will continue in 2009. It will be a challenge for security personnel. The edge of the network is expanding rapidly, and the increasing number of devices and applications in use can make the expanding network more susceptible to new threats.

The full report can be downloaded from Cisco's website.

By CircleID Reporter – CircleID's internal staff reporting on news tips and developing stories. Do you have information the professional Internet community should be aware of? Contact us. Visit Page

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

VINTON CERF
Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Comments

 Be the first to post a comment!

Add Your Comments

 To post your comments, please login or create an account.

Related

Topics

New TLDs

Sponsored byAfilias

Cybersecurity

Sponsored byVerisign

Domain Names

Sponsored byVerisign

DNS Security

Sponsored byAfilias

Whois

Sponsored byWhoisXML API

Brand Protection

Sponsored byAppdetex

Cybercrime

Sponsored byThreat Intelligence Platform