I recently caught up on reading various malware and cybercrime reports from the past few months. Here are a few stats and observations I thought would be especially interesting to the SBW community:
"Enterprise users experienced an average of 339 Web malware encounters per month in 4Q11." (up 205% year over year)
Avg. 20,141 unique Web malware hosts per month in 2011 (vs. 14,217 in 2010)
Source: Cisco 4Q11 Global Threat Report (Jan. 2012)
Approx. 30,000 new malicious URLs each day in 2H11; 80% of those are legitimate
85% of malware comes from the web
Source: Sophos Security Threat Report 2012 (Jan. 2012)
Malicious sites up 240 percent in 2011
40% of malnet entry points are via search engines/portals
Source: Blue Coat Systems 2012 Web Security Report (Feb. 2012)
23% of malicious domain registrations could be blocked with basic validation of contact info
Source: Abused Internet Domain Registration Analysis for Calculating Risk and Mitigating Malicious Activity by KnujOn.com (Feb. 2012)
Rogue AV campaign infected 200,000 Web pages, 30,000 unique hosts; more than 85% of sites in US, but more geographically dispersed visitors.
Source: Websense via Dark Reading (Mar. 2012)
On average, two popular websites (among the Alexa top 25,000) serve drive-by downloads each day.
An estimated 1.6 million vulnerable users were exposed to drive-by downloads in one month across 58 popular (Alexa top 25,000) sites.
Source: Barracuda Labs (Mar. 2012)