Sophos Security Threat Report: Mid-year 2010

Survey results

I am very pleased to announce the publication of the latest Sophos Security Threat Report. There has been a lot of activity since we last published an update in January and despite some bad news, I think this cloud has a silver lining.

One of the greatest achievements of the last 6 months has been an active engagement from average computer users in securing their computers. I am proud to say that the number of people following our security page on Facebook has increased more than eightfold during that time. This shows that internet users care about their privacy and security and are reaching out to both professionals and one another to get help.

Survey results

Not surprisingly our poll shows that most don’t have faith that our governments are doing enough to protect us. Only 6% of those polled thought that their country was doing enough to protect itself against internet threats. Over 60% said they approve of their governments using the internet for foreign espionage.

It was disappointing but not surprising that the volume of malware samples entering SophosLabs increased 50% year over year to more than 60,000 samples per day in the first half of 2010. Clearly the profit and success of these criminal gangs is motivating them to try every trick they can think of to part you from your hard-earned dollars.

Facebook poll

Social media users continued their fight for privacy and won some small victories against Facebook.

While the changes to Facebook’s privacy settings calmed a growing privacy storm there were still many concerns related to security. In our poll 95% of users said they did not feel Facebook was doing enough to prevent the “likejacking” attacks that have occurred in the last 3 months. As Facebook has commented, this is the result of a flaw in the specifications and how browsers draw web pages, but most users feel Facebook could take steps to mitigate the problem.

I encourage all of you to download the newest report and think hard about some of the conclusions. We seem to be taking an aggressive stance related to cybersecurity that may escalate war on the internet. While we need to have a strong defensive posture, we should consider the result of an escalation carefully before we run in with our virtual guns ablazin’.