internet security tHreAt rePOrt GOVernMent 2013

Recommendations

Info

p. 82 Symantec Corporation Internet Security Threat Report 2013 :: Volume 18 ThREAT ACTIVITy TRENDS Data Figure A.18. Table of Top 10 Bot Locations by Average Lifespan of Bot, 2011–2012 Source: Symantec Rank - 2012 Geography Average Lifespan of Bot (Days) - 2012 % of World Bots - 2012 Average Lifespan of Bot (Days) - 2011 % of World Bots - 2011 1 romania 24 0.16% 29 0.14% 1 2 Bulgaria 17 0.10% 14 0.13% 2 3 united states 13 15.34% 13 12.56% 3 4 indonesia 12 0.12% 10 0.14% 6 5 israel 11 1.34% 5 1.64% 29 6 egypt 10 0.11% 8 0.11% 14 7 Korea, south 10 0.99% 12 0.99% 4 8 Pakistan 10 0.12% 9 0.25% 10 9 Philippines 10 0.16% 10 0.18% 6 10 ukraine 10 0.15% 10 0.20% 6 Commentary • Bots located in Romania were active for an average of 24 days in 2012, compared with 29 days in 2011; 1 in 622 of bots were located in Romania, compared with 1 in 737 in 2011. • It takes almost twice as long to identify and clean up a botinfected computer in Romania than in the United States, although the number of infections in the United States is on a magnitude of more than a hundred times greater than that of Romania. One factor contributing to this disparity may be a low level of user-awareness of the issues involved combined with the lower availability of remediation guidance and support tools in the Romanian language. • In the United States, which was home to 1 in 7 (15 percent) of global bot-infected computers, the average lifespan for a bot was 13 days, unchanged from 2011. • All other countries outside the top ten had a lifespan of 9 days or less. The overall average lifespan was 6 days. • Additionally, 68 percent of bots were controlled using HTTP-based command and control channels, compared with 65 percent in 2011. Rank - 2011
p. 83 Symantec Corporation Internet Security Threat Report 2013 :: Volume 18 ThREAT ACTIVITy TRENDS Analysis of Mobile Threats Background Since the first smartphone arrived in the hands of consumers, speculation about threats targeting these devices has abounded. While threats targeted early “smart” devices such as those based on Symbian and Palm OS in the past, none of these threats ever became widespread and many remained proof of concept. Recently, with the growing uptake in smartphones and tablets, and their increasing connectivity and capability, there has been a corresponding increase in attention, both from threat developers and security researchers. While the number of immediate threats to mobile devices remains relatively low in comparison to threats targeting PCs, there have been new developments in the field. And as malicious code for mobile begins to generate revenue for malware authors, there will be more threats created for these devices, especially as people increasingly use mobile devices for sensitive transactions such as online shopping and banking. As with desktop computers, the exploitation of a vulnerability can be a way for malicious code to be installed on a mobile device. Data Figure A.19. Android Mobile Threats: Newly Discovered Malicious Code, 2011–2012 Source: Symantec 24 22 20 18 16 14 12 10 8 6 4 2 0 JAN APR JUL OCT JAN APR Methodology In 2012, there was a significant number of vulnerabilities reported that affected mobile devices. Symantec documented 415 vulnerabilities in mobile device operating systems in 2012, compared to 315 in 2011 and 163 in 2010; an increase of 32 percent. Symantec tracks the number of threats discovered against mobile platforms by tracking malicious threats identified by Symantec’s own security products and confirmed vulnerabilities documented by mobile vendors. Currently, most malicious code for mobile devices consists of Trojans that pose as legitimate applications. These applications are uploaded to mobile application (“app”) marketplaces in the hope that users will download and install them, often trying to pass themselves off as legitimate apps or games. Attackers have also taken popular legitimate applications and added additional code to them. Symantec has classified the types of threats into a variety of categories based on their functionality. JUL OCT TREND 2011 2012
Page 1 and 2:
internet security tHreAt rePOrt GOV
Page 3 and 4:
p. 3 Symantec Corporation Internet
Page 5 and 6:
Page 7 and 8:
Page 9 and 10:
Page 11 and 12:
Page 13 and 14:
Page 15 and 16:
Page 17 and 18:
Page 19 and 20:
Page 21 and 22:
Page 23 and 24:
Page 25 and 26:
Page 27 and 28:
Page 29 and 30:
Page 31 and 32: p. 31 Symantec Corporation Internet
Page 57 and 58: internet security tHreAt rePOrt APP
Page 81: p. 81 Symantec Corporation Internet
Page 101 and 102: p. 101 Symantec Corporation Interne
Page 133 and 134:
p. 133 Symantec Corporation Interne
Page 135 and 136:
Page 137 and 138:
Page 139 and 140:
Page 141 and 142:
Page 143 and 144:
Page 145 and 146:
Page 147 and 148:
Page 149 and 150:
Page 151 and 152:
Page 153 and 154:
Page 155 and 156:
Page 157 and 158:
Page 159 and 160:
show all

internet security tHreAt rePOrt GOVernMent 2013

Create successful ePaper yourself

Delete template?

Save as template?