logo
  Join        Login             Stock Quote

Microsoft Security Intelligence Report Warns of Ongoing Conficker Threat and Clarifies Reality of Targeted Attacks

Wednesday, April 25, 2012 11:30 AM


Latest study analyzes data from more than 600 million systems worldwide, offers solutions for mitigating both targeted and broad-based attacks such as Conficker.

REDMOND, Wash., April 25, 2012 /PRNewswire/ -- Microsoft Corp. today released the Microsoft Security Intelligence Report volume 12 (SIRv12), which found that the Conficker worm was detected approximately 220 million times worldwide in the past two and a half years, making it one of the biggest ongoing threats to enterprises. The study also revealed the worm continues to spread because of weak or stolen passwords and vulnerabilities for which a security update exists.

(Logo: http://photos.prnewswire.com/prnh/20000822/MSFTLOGO)

According to the SIRv12, quarterly detections of the Conficker worm have increased by more than 225 percent since the beginning of 2009. In the fourth quarter of 2011 alone, Conficker was detected on 1.7 million systems worldwide. In examining the reasons behind Conficker's prevalence in organizations, research showed that 92 percent of Conficker infections were a result of weak or stolen passwords, and 8 percent of infections exploited vulnerabilities for which a security update exists.

"Conficker is one of the biggest security problems we face, yet it is well within our power to defend against," said Tim Rains, director of Microsoft Trustworthy Computing. "It is critically important that organizations focus on the security fundamentals to help protect against the most common threats."

The SIRv12 also revealed that many of the threats often referred to as Advanced Persistent Threats (APTs) are no more advanced or sophisticated than other types of attacks. In most cases, these attacks leverage known vectors such as exploiting weak or stolen passwords and vulnerabilities for which security updates exist, but their success lies in the persistence and determination in trying different tactics to compromise the target. This is why Microsoft refers to these types of threats as Targeted Attacks performed by Determined Adversaries, rather than APTs.

"Labeling cyberthreats as 'advanced' is often times misleading and can divert organizations' attention away from addressing basic security issues, which can prevent more common threats from infiltrating their systems," Rains said.


Advertisement
Advertisement



Fundamental data is provided by Zacks Investment Research, and Commentary, news and Press Releases provided by YellowBrix and Quotemedia.
All information provided "as is" for informational purposes only, not intended for trading purposes or advice. iStockAnalyst.com is not an investment adviser and does not provide, endorse or review any information or data contained herein.
The blog articles are opinions by respective blogger. By using this site you are agreeing to terms and conditions posted on respective bloggers' website.
The postings/comments on the site may or may not be from reliable sources. Neither iStockAnalyst nor any of its independent providers is liable for any informational errors, incompleteness, or delays, or for any actions taken in reliance on information contained herein. You are solely responsible for the investment decisions made by you and the consequences resulting therefrom. By accessing the iStockAnalyst.com site, you agree not to redistribute the information found therein.
The sector scan is based on 15-30 minutes delayed data. The Pattern scan is based on EOD data.