RSA 2011 has come to an end and I wanted to talk about one particularly memorable statistic I heard at the conference. Enrique Salem, President and CEO of Symantec, said in his keynote that 75% of the attacks they saw in 2010 were targeted at 50 computers or less, or as he calls them “micro-distribution” attacks. Or micro zero day attacks.
Think about that. We’re not talking about viral attacks intending on stealing mass credit cards or creating large botnets. These are targeted at specific companies or specific individuals. Whether it’s economic espionage, military espionage, or all out cyber warfare, if an attacker is targeting a handful of computers, he is going after a specific goal. He is tailoring his attack just for his target.
Think “smart bullets” versus random gunfire.
Some other interesting stats shared this week at the conference:
- Symantec sees nearly 2 million threats every day
- McAfee generates 55,000 unique signatures every day, and estimates there are 2 million malicious web sites appearing every month
- Sophos receives 95,000 malware samples every day, and detected 100,000 new fake antivirus products just in December
Now imagine that just a small fraction of these numbers are targeted attacks.
It’s time to get smart about our defenses.
