Stuxnet and Flame not the worst security problems

Roger Grimes, a Microsoft security consultant, says all the publicity about the malware called Stuxnet and Flame overlooks the real security problems. At InfoWorld, he lists 16 problems that he says are worse:

  1. More than 1 million computers are successfully exploited every single day. That’s one every 14 seconds.
  2. 39 percent of the world’s computers are infected by malware of some type.
  3. 90 percent of the world’s companies have suffered network breaches in the past year.
  4. One out of every seven adults has his or her online financial information, identity, or passwords compromised every year, according to Privacy Rights. That adds up to 280 million breached records in the last eight years.
  5. 82 percent of malicious websites are hosted on hacked legitimate websites.
  6. It’s no longer unusual for a single hacking event to cause more than $100 million in damages. The attack against Sony is a fine example.
  7. Hackivist groups such as Anonymous routinely break into the world’s largest companies and have even hacked the global authorities investigating them.
  8. Hacks resulting in millions of leaked passwords are so numerous, they practically go unnoticed. The successful attack against LinkedIn is a good example.
  9. A single worm, SQL Slammer, was able to infect almost every possible unpatched computer it targeted in 10 minutes — and this was back in 2003.
  10. Malware is popping up on mobile platforms as though we’ve learned absolutely nothing over the 25 years of PC hacking.
  11. Spam rates are still above 65 percent, nearly 10 years after passing the CAN-SPAM Act of 2003.
  12. One out of every 14 Internet downloads is malicious.
  13. The annual cost of cyber crime is estimated at $114 billion.
  14. Successful prosecution rates for Internet cyber criminals is less than 0.01 percent.
  15. Hacking by nations is so pervasive that Google is now automatically alerting users of potential state-driven threats.
  16. Stuxnet, Duqu, and now Flame prove that complex malware can bypass any computer security defense.

Did you enjoy this post? Why not leave a comment below and continue the conversation, or subscribe to my feed and get articles like this delivered automatically to your feed reader.


No comments yet.

Sorry, the comment form is closed at this time.