SOUTHFIELD – Security is an issue that affects businesses of all sizes, in all locations. To help protect customers and businesses worldwide, Microsoft issues its Microsoft Security Intelligence Report (SIR) twice yearly.
A detailed examination of the evolution of computer threats and countermeasures, this report provides a unique, global perspective on the state of the security industry in action – the parties who create and distribute malware, techniques and technologies used to attack and compromise people and their machines, and insight into the underground economy behind many of these attacks. Microsoft recommends customers use the data, insights and guidance in the report to better assess and improve their own security practices.
General Security Trends for 2008
The current report shows that while Microsoft and others in the industry have made progress toward helping protect customers from malicious threats online, threats to businesses and consumers continue to evolve. The following data provides general highlights and insights from the report:
Internet-based organized crime continues to proliferate and is growing increasingly sophisticated. Thirty percent of all malware removed from computers by Microsoft security products is in the form of Trojan downloaders and droppers.
Microsoft software continued their track record of a decreased amount of security vulnerabilities in the first half of 2008, both in terms of all disclosures and those relative to the industry.
Year over year comparisons from 2007 to 2008, show a decrease in the amount of security vulnerabilities industry wide. Specifically, January to June saw a 19 percent decrease, and July to December, a four percent decrease.
More than 90 percent of vulnerabilities disclosed from Jan. 1, 2008, through June 30, 2008, affected applications, a finding that is consistent with the trend of attackers moving up the stack from operating systems to applications. Proportionately, the number of vulnerabilities disclosed in operating systems continued to decline during the first half of 2008.
The most common security breaches are due to stolen laptops or computers, and less than 23 percent of security breaches are from hacker attacks.
Some of the active steps Microsoft recommends include the following:
Check for and apply software updates on an ongoing basis, including updates provided for third-party applications.
Enable a firewall.
Install and maintain up-to-date anti-virus and anti-spyware programs that provide increased protection from malicious and potentially unwanted software.
Open links and attachments in email and IM with caution, even if they are from a known, trusted resource.
Of course, the full report contains much more detailed information on the types and locations of known attacks and vulnerabilities. The Security Intelligence Report is a free resource available to anyone to download at Microsoft.Com/Sir
About the Author: Liz Siver is an area manager within Microsoft’s Central Region. She works with small-to mid-sized businesses throughout Michigan.
a>>
