IT Security Threats Q1 2010

AP The Top 10 Most Common Software Vulnerabilities Found On Users' Computers In The First Three Months Of 2010 Information Security Threats in the First Quarter of 2010 The Internet Went Phishing for Spam and Caught A Virus! The top targeted countries in which users were most often subjected to cyberattacks. Vulnerability Name What malicious users can do when they exploit the vulnerability % of users with this vulnerability on their system Threat level 18.05% 18 microsoft office Office word two Gain access to the system and execute random code with local 28.62% High user privileges. 16 OWE vulnerabilities Sources: securelist.com 14 13.18% sun java jdk / jre Gain access to the system and multiple Java vulnerabilities execute random code with local 28.15% High user privileges. 12 AdWare adobe flash player domain sandbox bypass vulnerability 10 designed Phishing 8.52% Programs advertisements, often pop-up banners, on host machines and/or to redirect search engine results to promotional web sites. Adware programs are often built into freeware or shareware programs, to launch D Malware Bypassing the security system. 23.37% Moderately critical 8 Today the term virus is often loosely used to refer to any type of malicious program, or is used to describe any 'bad thing' that a malicious program does to a host system. Strictly speaking, however, a virus is defined as program code that replicates. The name 'phishing' is a conscious misspelling of the word 'fishing' and involves a type of Internet fraud that seeks to acquire a user's credentials by deception. It includes theft of passwords, credit card numbers, bank account confidential microsoft powerpoint outlinetex EC trefatom parsing user privileges. vulnerability 5.25% Office Gain access to the system and execute random code with local 21.91% where the adware forms an indirect 3.73% 301% 269% High Other - 22.16% 'price' for using the free program. 4 details information. and other Malware 2 adobe reader or acrobat two vulnerabilities Gain access to the system and execute random code with local user privileges; Bypassing the security system. 17.87% High (short for malicious software) refers to any program that is deliberately created to perform an unauthorized, often harmful, action. Trojans I CHINA 11 I ITALY Trojans are a non-replicating program that appears to be legitimate but is designed to carry out some harmful action on the victim computer. microsoft office Gain access to the system and 3 onenote uri MEXICO I RUSSIAN FEDERATION I INDIA I UNITED STATES I VIETNAM 6 GERMANY 7 MALAYSIA 8 FRANCE execute random code with local user privileges. Riskware I SAUDI ARABIA Office handling 17.57% High I TURKEY Spyware The generic term used by Kaspersky Lab to describe programs that are legitimate in themselves, but that have the potential for misuse by cyber criminals: for example, remote administration utilities. Such programs have always had the potential to be misused, but they now have a higher profile. 15 UNITED KINGDOM 16 H BRAZIL 17 EGYPT 18 I THAILAND 19 PHILIPPINES 20 I INDONESIA microsoft excel Office multiple vulnerabilities Gain access to the system and execute random code with local user privileges. 17.55% High "Spyware' is often loosely defined as software that is designed to gather data from a computer and forward it to a third party without the consent. This includes monitoring confidential information credit card numbers, PIN numbers, etc.), harvesting e-mail addresses or tracking browsing habits. Office microsoft office excel multiple Gain access to the system and execute random code with local user privileges. key strokes, UKRAINE collecting (passwords, High 16.65% 10 SPAIN vulnerabilities Spam Gain access to the system and adobe reader or acrobat multiple execute random code with local vulnerabilities Extremely critical Spam is the name commonly given to unsolicited e-mail. It is effectively unwanted advertising, the e-mail equivalent of physical junk mail delivered through the from 15.27% user privileges; cross-site scripting. microsoft Gain access to the system and Threats On Users’ Computers unsolicited post telemarketing calls. Office outlook "mailto:" execute random code with local uri handling vulnerability or user privileges. 14.98% High Worm Hacker If a threat is able to evade several layers of web and mail protection, then it will end up on a user's computer, where an antivirus program should be ready and waiting. Let us see what was detected by the latter and examine the breakdown of the behaviors of detected threats in Q1 2010. This term was once used to describe a clever Worms are generally considered to be a subset of viruses, but with key differences. A worm is a computer replicates, but does not infect other files: instead, it installs itself on a victim computer and then looks for a way to spread to other computers. The Geography Of Threats programmer. In recent years, this term has been applied to those who exploit security vulnerabilities to try and break into a program that KGYSTAN Turpan computer system. Originally, those who break into computer systems (for malicious purposes or as a challenge) were known as 'crackers'. BRING uram Highway Under ministration of Ghina Yinchuan Tianjin 12.91% Xining. Lanzhou Zhengzhou Trojan Adware • Worm • Virus Net-Worm Trojan-Game Thief Trojan-Downloader Backdoor Remote Admin Q2010 'an Chengdu 1.84% KASPERSKY LAB waha In recet years, china has become a veritable malwvare factory, churning out Guge amounts of malicious code... 20.88% 2.56% . 6.9% = 12,111,862 3.10% Longgeng Cen unpatched vulnerabilities on users' computers 3.38% Vulnerabilities UNITED STATES 27.57% 5.85% RUSSIAN FEDERATION 22.59% 14.89% 12.84% CHINA In the first quarter of 2010, Kaspersky lab alone detected 12,111,862 unpatched vulnerabilities on users' computers, which is 6.9% more than in the previous quarter NETHERLANDS 8.28% 7.63% SPAIN 6.83% • Trojan-Dropper Email-Worm Other GERMANY 6.78% 10.01% 10.58% 3.29% UNITED KINGDOM 8.19% 1.60% PHILIPPINES UKRAINE 1.35% CANADA 1.29%