Security Intelligence Report

This week at RSA Europe in Nice, France we released a report detailing the security landscape for the first half of 2006. The report lays out details collected through our various antimalware technologies. The report highlights a number of trends such as a reduction in the number of rootkits and trojans detected by the Malicious Software Removal Tool (MSRT) compared to the second half of 2005, social engineering as a popular and successful method of malware distribution, the frequency that specific potentially unwanted software is kept or removed and specific locales which have the highest instance of infection.

Some of the key points we think our readers will be interested in are:

  • Threats against consumers and businesses are continuing to become more targeted and motivated by financial gain, with backdoor Trojans and bots continuing to comprise a significant percentage of the malicious software detected by Microsoft anti-malware offerings;
  • Social engineering continues to be a popular means of spreading malware, especially when sent over e-mail and peer-to-peer (P2P) networks;
  • Rootkits are likely to continue to be popular for targeted, stealth intrusions.

The data used to identify these trends comes primarily from the Malicious Software Removal Tool and Windows Defender as well as Windows Live OneCare, Windows Live One Care safety scanner, and Microsoft Exchange Hosted Filtering. In the six months covered by the report these tools cleaned nearly 27 million pieces of malware or potentially unwanted software and blocked hundreds of millions of infected email messages.

Based on the data we analyzed and trends observed we also make specific recommendations for how you can better protect the systems that you manage.

You can find the full report here. We welcome your feedback.

Matt Braverman, Jeff Williams & Ziv Mador