Spam and complex phishing attacks are still prevalent

According to the H1 2011 report, many of the vulnerabilities being targeted today are found in the Adobe and Java platforms. This, notes the report, highlights the fact that these applications often remain unpatched.

Because of this, the report advises that organisations and individuals should ensure that these software applications are patched promptly.

"Although spam volumes have declined since the closure of and takedown of the Rustock botnet, spam remains a problem for most organisations", says the report, adding that the volume of malicious spam has returned to previous levels.

At the same time, however, attackers are continuing to craft more legitimate-looking messages in order to coax users into executing malicious files.

Delving into the report reveals that the US remained at the top of the list of locations where malicious code is hosted. However, the percentage decreased nearly 10% in the first half of 2011 to 32.3%, compared to 42.1% in the second half of 2010.

China - often believed to be one of the major hosts of malicious code - saw its share double, up from 6.4% in the second half of 2010 to 12.7% in the first half of 2011.

Since hosting the 2010 FIFA World Cup, meanwhile, South Africa dropped significantly, registering at only 0.3% in the first half of 2011, down from a high of 5.28% in the second half of 2010.

So where is the spam coming from?

M86 Security notes that the bulk of spam is emitted from botnets, which are networks of computers compromised by malware, but the botnets, the security firm asserts, are constantly in a state of flux.

This, says the report, reflects the nature of the underground marketplace. Botnets morph and become obsolete, are replaced, taken down, and upgraded in response to market forces, competition and law enforcement.

As of June 2011, adds the study, eight botnets were responsible for 93% of spam - and, in the aftermath of the Spamit and Rustock closures, other smaller botnets, notably Donbot and Xarvester, have increased their market share.

Commenting on the report, Ed Rowley, M86 Security's product manager, told Infosecurity that email continued to be a very important security threat in the first half of 2011.

There are, he says, some very advanced attack techniques being used, such as Shockwave being buried within HTML code to try and side-step conventional AV security software.

"The big threats at the moment also include industry espionage and theft of intellectual property. Social networking is also being used as a means of launching attacks", he explained.

Another area of concern, he went on to say, is the issue of cloud security, for which many IT security professionals are only now developing their strategies.

Rowley says that he is a big believer in balancing risks against security, citing the example of a fish and chip owner - who obviously would not spend several thousand pounds on IT security systems for his/her computer, whilst a bank would - and should - invest a lot more money in security.
