Again, from a Dark Reading article, Microsoft Studies 10 Years of Malware and ThreatsMicrosoft, in celebration of the 10-year anniversary of the launch of its Trustworthy Computing Initiative, published a special edition of its Security Intelligence Report.  They looked at the past 10 years and how the cyber threat landscape has evolved.

Trends – The near disappearance of worms and the continued surge in socially engineered malware threats and Trojans.  As software gets less buggy, it raises the bar for cyber attackers.  This is why we’re seeing the jump in social engineering attacks that lure users into opening infected attachments or clicking on malicious links that spread Trojans.  They stated that social engineering is probably a mainstay now.

The report looked at the “cleanest” countries malware infection-wise.  Finland had the lowest rate of infected machines in 2011, with just over 1 infected machine per 1,000 machines.  Japan had just over 2 per 1,000 machines, followed by Norway, Switzerland, and Australia, all of which had fewer than 4. Turkey (57), Korea (20), Brazil (just under 20), Taiwan (more than 15), and Spain (just over 10) didn’t do so well.

They examined Finland more closely to find out why, and did a case study on TeliaSonera, Finland’s largest ISP.  TeliaSonera wanted security to be a competitive differentiator in its services.  In the wake of the Rustock botnet takedown and Microsoft’s Digital Crimes Unit giving Finland’s CERT a list of Rustock-infected IP addresses, TeliaSonera found that it was taking an average of 40 minutes per customer to clean up the machines.  So they automated the process, and used the  Rustock data to identify infected machines on its network and kept them quarantined until they were cleaned up.  TeliaSonera alerts infected customers and place’s the user’s machine in a “walled garden” until the machine is remediated and cleaned.

There were also strong relationships between the ISP and other organizations in the region – including public and private sectors, and they tended to be more proactive.  The regions also had aggressive public service campaigns to educate users, promoted up-to-date software, and had low software piracy rates.

Nancy Sykora
Sr. Account Executive