Earlier today, I downloaded the Eighth Edition of the Symantec Internet Security Threat Report. Published twice a year, this report highlights trends in the Internet security space and the following list highlights some of the key findings (according to Symantec).

Vulnerability trend highlights:

• Symantec documented 1,862 new vulnerabilities, the highest number since Symantec started tracking vulnerabilities in six-month increments.
• The time between the disclosure of a vulnerability and the release of an associated exploit was 6.0 days.
• The average patch-release time for the past 6 months was 54 days. This means that, on average, 48 days elapsed between the release of an exploit and the release of an associated patch.
• 97% of vulnerabilities were either moderately or highly severe.
• 73% of reported vulnerabilities this period were classified as easily exploitable.
• 59% of vulnerabilities were associated with web application technologies.
• 25 vulnerabilities were disclosed for Mozilla browsers and 13 for Microsoft Internet Explorer.

Attack trend highlights:

• For the fourth consecutive reporting period, the Microsoft SQL Server Resolution Service Stack Overflow Attack was the most common attack, accounting for 33% of all attacks.
• Symantec sensors detected an average of 57 attacks per day.
• TCP port 445, commonly implemented for Microsoft file and printer sharing, was the most frequently targeted port.
• Symantec identified an average of 10,352 bots per day, up from 4,348 in December 2004.
• On average, the number of denial of service (DoS) attacks grew from 119 to 927 per day, an increase of 679% over the previous reporting period.
• 33% of Internet attacks originated in the United States, up from 30% last period.
• Between January 1 and June 30, 2005, education was the most frequently targeted industry followed by small business.

Malicious code trend highlights:

• Symantec documented more than 10, 866 new Win32 virus and worm variants, a 48% increase over the second half of 2004 and a 142% increase of the first half of 2004.
• For the second straight period, Netsky.P was the most reported malicious code sample. Gaobot and Spybot were the second and third most reported, respectively.
• Malicious code that exposes confidential information represented 74% of the top 50 malicious code samples received by Symantec.
• Bot-related malicious code reported to Symantec made up 14% of the top 50 reports.
• 6,361 new variants of Spybot were reported to Symantec, a 48% increase over the 4,288 new variants documented in the second half of 2004.

Additional security risks:

• Adware made up 8% of the top 50 reported programs, up from 5% in the previous reporting period.
• Eight of the top ten adware programs were installed through web browsers.
• Six of the top ten spyware programs were bundled with other programs and six were installed through web browsers.
• Of the top ten adware programs reported in the first six months of 2005, five hijacked browsers.
• Messages that constitute phishing attempts increased from an average of 2.99 million per day to approximately 5.70 million messages.
• Spam made up 61% of all email traffic.
• 51% of all spam received worldwide originated in the United States.

Some interesting (and some frankly frightening) statistics there. Definitely worth a read for any network administrator or IT manager.