• United States



Contributing Writer

Scary Security Metrics — Just On Time for Halloween

Oct 19, 20092 mins
Cisco SystemsData and Information SecurityMalware

The Cybercrime Community Continues Its Onslaught According to Trend Micro

Trend Micro held its annual analyst event last week in San Diego. While the weather was beautiful and the beach beckoned, Trend Micro security experts traded war stories. Of these, CTO Raimund Genes highlighted some very scary security statistics with the audience. For example:* There were over 1 million new unique malware samples discovered in each of the past two quarters. Unlike the worms and mass-mailers of the past, many of these new samples were extremely targeted to particular industries, companies, and even users.* Once PCs are infected they tend to stay infected. Eighty percent stay infected for more than a month and the median length of infection is 300 days. * Of all compromised IP addresses, 75% are consumers and 25% are business users. This tells me that businesses have a real problem on their hands — key loggers are stealing your IP and user credentials as you read this.* More than 1.3 million banner ads are replaced each day with advanced click fraud operations. Also, more than 10m Google toolbar queries are highjacked each day.* Fake security software is a big business. More than 100k users receive a “you are infected” message when viewing questionable web sites. Trend also mentioned that there are over 48k fake security software offerings per month. What could be worse than getting scammed by someone selling PC security and thus protection?Boo!These statistics have become routine in my world but I don’t believe that most people have any idea how bad things are. The reality is that they are far worse than they think. As I’ve written many times lately, October is National Cybersecurity Awareness Month. I hope that these blogs help educate users about frightening trends like these before Halloween signifies the end of the month and another missed opportunity.

Contributing Writer

Jon Oltsik is a distinguished analyst, fellow, and the founder of the ESG’s cybersecurity service. With over 35 years of technology industry experience, Jon is widely recognized as an expert in all aspects of cybersecurity and is often called upon to help customers understand a CISO's perspective and strategies. Jon focuses on areas such as cyber-risk management, security operations, and all things related to CISOs.

More from this author