SIR volume 6

Yesterday Microsoft published volume 6 of its Security Intelligence Report.  For those not familiar with the SIR - it provides in-depth perspective on the changing threat landscape, as well as countermeasures, based on data from hundreds of millions of Windows users and some of the busiest online services on the Internet.

Just a few of the many insights and findings:

• As operating systems become more secure, vulnerabilities are predominantly in the application layer, making software attacks more prevalent with third-party software vendors, Web services providers and original equipment manufacturers.
• Computers running Microsoft Forefront Client Security (typically found in corporate environments) were much more likely to encounter worms than home computers running Windows Live OneCare. Home computers also encountered significantly greater percentages of trojans, trojan downloaders and droppers, adware and exploits. Similar percentages of backdoors and spyware were detected by both products. These results are likely due to the different ways people use computers at home and for business. For instance, home computers may be used to browse social networking sites or download media, exposing them to different attack vectors than computers used primarily for business needs
• Stolen and lost equipment continued to account for 50 percent of all reported security breaches in the second half of 2008. Stolen equipment was the top reason reported for data loss at 33.5 percent, with lost equipment accounting for 16.5 percent. Less than 20 percent of reported security breaches in the second half of 2008 resulted from incidents caused by malicious software.

The key finds summary is available in 10 languages here.  The "Vinny and Tim Show" video also provides a good overview.