Last Updated: 2010-12-20 00:46:49 UTC
by Guy Bruneau (Version: 1)
Now that we are getting close to the 2010 year end, I posted a survey last week on "Which of the following issues affected your business in 2010?". At the beginning of the survey, "Targeted malware attacks" were on top around 40% which wasn't really any surprise because of all the new malware found daily. However, things turnaround at the end of this week and malware dropped to #2 and Inbound DDoS attacks has been climbing well above 50%. I looked over the diaries posted by all handlers in 2010 for some stories related to parts of this survey.
Inbound DDoS attack
In September, ISC published a diary related to a series of DDoS attacks released by the Shadowserver on the BlackEnergy bot. The diary is posted here.
Enterprise wide DoS
In April, an issue with a McAfee DAT file caused widespread corporate DoS believing that "svchost.exe" was a piece of malware named W32/Wecorl.a. A lot of people had to work overtime to restore a clean svchost.exe file to the affected hosts. The diary is posted here.
Data lost through mobile devices
In January, ISC made reference to a fake Android application that was stealing user password. The diary is posted here.
Targeted malware attacks
In April, ISC reported a targeted malware scams in an enterprise were all the targeted individuals were handling money and had a LinkedIn profile. The diary is posted here. Another was on a "Legal Threat“ malware on contract terms breached and the diary is posted here.
If you want to comment on any of the six point in the survey, you can contact us using our contact page here.
Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot org