One of the most interesting threat trends to surface in the enterprise environment was the decline in network worms and rise of web-based attacks. The report found:
· The proportion of Conficker and Autorun threats reported by enterprise computers each decreased by 37% from 2011 to 2H12.
· In the second half of 2012, 7 out of the top 10 threats affecting enterprises were associated with malicious or compromised websites.
· Enterprises were more likely to encounter the iFrame redirection technique than any other malware family tracked in 4Q12.
· One specific iFrame redirection family called IframeRef increased fivefold in the fourth quarter of 2012 to become the number one malicious technique encountered by enterprises worldwide.
· IframeRefwas detected nearly 3.3 million times in the fourth quarter of 2012.
The report also takes a close look at the dangers of not using up-to-date antivirus software in an article titled “Measuring the Benefits of Real-time Security Software.” New research showed that, on average, computers without AV protection were five and a half times more likely to be infected.
The study also found that 2.5 out of 10, or an estimated 270 million computers worldwide were not protected by up-to-date antivirus software.
Whilst many of the findings surrounding real-time protection seem pretty obvious, the numbers are pretty startling. As security is often best implemented using a strength-in-depth, or rings approach, anti-virus or real time malware detection seems to be taking a back seat. For mobile devices, or devices based on Linux this can become a significant issue, especially if those devices carry email destined for Microsoft based machines.
By Simon Moffatt