This year at the PacSec conference, I will present a Microsoft view of the threat landscape during the first six months in 2009. It will be based on telemetry data published in the latest Security Intelligence Report (SIR) published on Nov 2nd, 2009. You can find agenda of the conference at http://pacsec.jp/agenda.html
From data gathered by a number of Microsoft security products (e.g. Forefront Client Security, Windows Defender, Microsoft Windows Malicious Software Removal Tool, etc.), we see attacks by malware continuing to target specific regions or groups of users. While Japan has a relatively lower infection rate than many countries, we notice that other Asian countries have a high relative infection rate which, in a number of cases, is due to high prevalence of Win32/Taterf (a worm used to steal passwords).
As attackers continue to exploit the Internet infrastructure and application/service environment in large scale, it is important to establish collaboration among ISPs, security solution providers, law enforcement and other service providers to combat malicious threats. In Japan, participants in Japan’s Cyber Clean Center (e.g. ISPs, security ISVs including Microsoft, government) have been working collaboratively against malicious and potentially unwanted malware. We shall appreciate more in similar efforts and collaboration models, particularly in countries and regions where threats are most prevalent.
I hope to see people at the conference and invite them to learn more about the different threat mixes and trends in a number of countries, by downloading and reading the latest SIR.
...Greetings from the old Capital, Kyoto
Hello from the historical imperial city of Kyoto. Yesterday, or today depending on where you are, I had the honor of giving the opening presentation at the twelfth annual AVAR conference. The AVAR conference has grown in significance over the past decade to become one of the top security conferences in the world.
The International AVAR conference concentrates on the computer security situation in the Asia Pacific region. So I will be highlighting data from volume 7 of the Security Intelligence Report that has been gathered from the region.
All in all, most of the Asia and Pacific regions are significantly below worldwide average. But, two of the most highly infected regions are among the largest and increasing. This tells us we still have work ahead of us. Community based defenses are what's needed in our next step in the war against malware. And organizations like AVAR are necessary to bring the community together.