- 1 Minute Read -

Websense Security Labs has published its bi-annual State of Internet Security report and, as usual, it makes for pretty interesting if somewhat scary reading.

Covering the last six months of 2009, the report is based upon the findings of the ThreatSeeker Network which is used to discover, classify and monitor global Internet threats and trends courtesy of something called the Internet HoneyGrid.

Makes you wonder if someone searching for you actually finds you, or just the 'noise.'

So what did the HoneyGrid have to report about the Internet security threatscape for Q3/Q4 2009?

Here are the key findings:

  • 13.7% of searches for trending news/buzz words (as defined by Yahoo Buzz & Google Trends) led to malware.
  • The second half of 2009 revealed a 3.3% decline in the growth of malicious Web sites compared to the first half of the year. Websense Security Labs believes this is due to the increased focus on Web 2.0 properties with higher traffic and multiple pages.
  • However, comparing the second half of 2009 with the same period in 2008, Websense Security labs saw an average of 225% growth in malicious Web sites.
  • 71% of Web sites with malicious code are legitimate sites that have been compromised.
  • 95% of user-generated posts on Web sites are spam or malicious.
  • Consistent with previous years, 51% of malware still connects to host Web sites registered in the United States.
  • China remains second most popular malware hosting country with 17%, but during the last six months Spain jumped into the third place with 15.7% despite never having been in the top 5 countries before.
  • 81% of emails during the second half of the year contained a malicious link.
  • Websense Security Labs identified that 85.8% of all emails were spam.
  • Statistics for the second half of 2009 show spam emails broke down as 72% (HTML), 11.2% (image), 14.4% (plain text with URL) and 2.4% (plain text with no URL).
  • 35% of malicious Web-based attacks included data-stealing code.
  • 58% of all data-stealing attacks are conducted over the Web.

This comprises of honeyclients and honeypots, reputation systems and advanced grid computing systems, all of which combine to parse through one billion pieces of content every day while searching for security threats. Every single hour the Internet HoneyGrid scans some 40 million websites for malicious code as well as 10 million emails for unwanted content and malicious code.


Written by rcarroll