Almost three million new threats were identified in 2009 – approximately one every 10.8 seconds. 2,905,697 threat signatures were released through the year to protect against new or variant threats. This is an increase on 2009 of 6.9%.

The vast majority of spam and malware now comes from botnets and compromised hosts – a shift that started in the second half of 2008. But the biggest change seen through the year was the move away from mass-mailed spam and malware, towards targeted vulnerability exploits (for example in applications, Web browsers or servers).

Whilst using e-mail is still proving effective, it requires such volume to provide a return that criminals are now focusing on exploiting vulnerabilities in applications, Web browsers and servers, rather than just mailing executable code. Organised criminal gangs continue to dominate, and this is expected to continue through 2010.

More than Microsoft 

Another notable change in the threat landscape was the increase in security patches from software and platform providers other than Microsoft. Microsoft has long been the biggest (and often perceived as the only) security target for hackers, but in the past year a number of major software houses have announced critical vulnerabilities, including:

  • Adobe announced multiple vulnerabilities in its PDF and Acrobat software systems; and in its SWF Flash software
  • WordPress blogs have been susceptible to multiple vulnerabilities, leading to passwords being compromised
  • Several major Web frameworks (including the popular Drupal Web content management system) have had vulnerabilities leading to remote code execution and SQL injection
  • Web browsers such as Apple Safari, Mozilla Firefox and Opera have all announced critical vulnerabilities.

Companies need to review security policies for all their applications and software, not just those that are Microsoft. It’s not enough anymore just to auto-download Microsoft patches and stick anti-virus software on employees’ PCs. Most of us now use some form of Internet-facing application or software – particularly those who work from home – which must be secured.