Religion, porn and malware: Behind the headline

I'm not surprised The Wall Street Journal decided to focus on the religion angle in its coverage of Symantec's most recent threat report. It's easy to put religion right up there in a headline with porn because that sells papers every time. So what if the angle latches onto a miniscule detail that covers about a paragraph of the 50-page report?

From the article:

The most harmful websites in terms of risk from malware infection aren’t, as you might imagine, pornography, but rather religious sites, according to Symantec’s Internet Security Threat Report. The average number of threats found on religious sites was 115 (mostly fake antivirus software). By contrast, pornographic sites had less than a quarter, at around 25 threats per site. Of course, the number of pornographic sites is vastly greater than religious sites.

Here's what the report itself says about religious sites, on page 33:

It is interesting to note that Web sites hosting adult/pornographic content are not in the top five, but ranked tenth. Moreover, religious and ideological sites were found to have triple the average number of threats per infected site than adult/pornographic sites. We hypothesize that this is because pornographic website owners already make money from the internet and, as a result, have a vested interest in keeping their sites malware-free -- it’s not good for repeat business.

That's about all Symantec says of religious website malware.

By category, Symantec said the top five most infected websites are:

1.  Blogs & Web communications

2.  Hosting/Personal hosted sites

3.  Business/Economy

4. Shopping

5. Education & Reference

The WSJ article itself devotes two of its nine paragraphs (I'm counting a bulleted list as one paragraph) to the religious malware angle -- the top two paragraphs. The article then makes an abrupt shift toward other things.

Most of the Symantec report is a lot less interesting because, as the WSJ article notes, we already knew the following (from the report):

Advanced Targeted Attacks Spread to Organizations of All Sizes: Targeted attacks are growing, with the number of daily targeted attacks increasing from 77 per day to 82 per day by the end of 2011. Targeted attacks use social engineering and customized malware to gain unauthorized access to sensitive information. These advanced attacks have traditionally focused on public sector and government; however, in 2011, targeted attacks diversified.

Rise of Data Breaches, Lost Devices Concern for the Future: Approximately 1.1 million identities were stolen per data breach on average in 2011, a dramatic increase over the amount seen in any other year. Hacking incidents posed the greatest threat, exposing 187 million identities in 2011—the greatest number for any type of breach last year. However, the most frequent cause of data breaches that could facilitate identity theft was theft or loss of a computer or other medium on which data is stored or transmitted, such as a smartphone, USB key or a backup device. These theft-or loss-related breaches exposed 18.5 million identities.

Mobile Threats Expose Businesses and Consumers: Mobile vulnerabilities increased by 93 percent in 2011. At the same time, there was a rise in threats targeting the Android operating system. With the number of vulnerabilities in the mobile space rising and malware authors not only reinventing existing malware for mobile devices, but creating mobile-specific malware geared to the unique mobile opportunities, 2011 was the first year that mobile malware presented a tangible threat to businesses and consumers. These threats are designed for activities including data collection, the sending of content, and user tracking.

I don't mean to pick on the WSJ for hyping up an obscure part of the report. I can't blame them, really, because the report is so lacking in something new that it's easy for writers and editors to fall into the how-do-we-make-this-more-interesting trap. I'm not saying it's right. I'm just saying it happens. I've created my share of stinkers in the 18 years I've been a journalist.

I concluded long ago that Symantec's threat reports were going to look a lot alike from one year to the next. Because I didn't want to write the same story over and over again, I simply stopped covering it. No one has complained about that, and it's been a few years now.

I suppose these reports have to be done. The vendor's customers want big-picture updates and the reports certainly meet the need. And, to Symantec's credit, there's a strong effort to make it look fresh and interesting with lots of breakout infographics. I also get that a lot of repetition is necessary in a world where people fail to get the message the first 12 times.

But for me, it's hard to put the time of writing my own story -- or reading someone else's -- into something that looks like last year's news -- and the year before that.

With that said, I open the floor for your points of view...

Copyright © 2012 IDG Communications, Inc.

The 10 most powerful cybersecurity companies