Anti malware company Symantec released its threat report for 2011 on Monday. Buried in the dry statistics about the number of Web based attacks and malicious programs detected during the year are some surprising facts. Among them: religious-themed Web sites are among the dirtiest on the Internet.
Religious and ideological sites had triple the average number of threats per infected sites that pornographic Web sites, Symantec reported in its 2011 Internet Security Threat Report (ISTR). The report found a mix of trends that – with spam levels dropping, even as attacks mounted in 2011. Here are some of the surprising findings of the Symantec report.
Porn sites – clean, not dirty: Pornography-themed Web sites have long had a reputation as the “dark alleyways” of the Internet. In fact, porn sites ranked tenth in the list of the top ten categories of Web sites that are most infected, after automotive themed sites (ranked 8th) and health and medicine sites (ranked 9th). Top on that list: blogs and Web communications, including religious Web sites. That was followed by personally hosted sites, business sites, shopping and education.
Valentines, not Viagra: Pharmaceutical themed spam have been the most common, by far, in recent years. That was true again in 2011, during which pharma-spam accounted for almost 4 in 10 spam e-mail messages. But that was a big change from 2010, when three in four spam messages were pharma themed. What filled the void? Sex and dating-themed spam, for one. That category jumped more than 10 percent, to account for around 15% of all spam messages, right after spam about watches and other jewelry, which accounted for around 19 percent of spam messages.
Spam stays in the can: Spam e-mail volumes were way down in 2011, Symantec found. Spam volumes dropped by around 20 billion messages year over year, to an average of 75% of all e-mail last year, compared with 88.5% in 2010. While the exact cause of the drop hasn’t been proven, Symantec said coordinated take-downs of large botnets including Rustock.
USA – home of the bot: The U.S. was the top source of every category of malicious activity except for the creation of malware and the use of spam zombies, where India came first. Around 13% of bot activity originated in the U.S. and around 34% of Web based attacks. Close to half of all phishing Web sites were based in the U.S., Symantec found. In fact, the U.S. got a bit more dangerous in 2011, despite a loud and public conversation, domestically, about cyber security. China, on the other hand, saw a steep drop in malicious activity, which declined by about 10 percent between 2010 and 2011.
SCADA bonanza: Reports of vulnerabilities in industrial control and SCADA systems jumped considerably in 2011 to 129, compared to just 15 in 2010. Symantec credited the attention given to the Stuxnet worm for drawing attention to security holes in industrial systems.