The Symantec Internet Security Threat Report provides a six-month
update of Internet threat activity. It includes analysis of
network-based attacks, a review of known vulnerabilities, and
highlights of malicious code. It also assesses numerous issues related
to online fraud, including phishing, spam, and security risks such as
adware, spyware, and misleading applications.
This summary of the Internet Security Threat Report will alert readers
to current trends and impending threats. In addition, it will offer
recommendations for protection against and mitigation of these
concerns. This volume covers the six-month period from July 1 to
December 31, 2006.
Executive Summary Highlights
The following section will offer a brief summary of the security trends
that Symantec observed during this period based on data provided by the
sources listed above. This summary includes all of the metrics that are
included in the main report. Following this overview, the Executive
Summary will discuss selected metrics in greater depth.
Attack Trends Highlights
- The government sector accounted for 25 percent of all
identity theft-related data breaches, more thanany other sector.
- The theft or loss of a computer or other data-storage
up 54 percent of all identity theftrelated data breaches during this
- The United States was the top country of attack origin,
accounting for 33 percent of worldwide attack activity.
- Symantec recorded an average of 5,213 denial of service
(DoS) attacks per day, down from 6,110 in the first half of the year.
- The United States was the target of most DoS attacks,
accounting for 52 percent of the worldwide total.
- The government sector was the sector most frequently
targeted by DoS attacks, accounting for 30 percent of all detected
- Microsoft Internet Explorer was targeted by 77 percent of
all attacks specifically targeting Web browsers.
- Home users were the most highly targeted sector, accounting
for 93 percent of all targeted attacks.
- Symantec observed an average of 63,912 active bot-infected
computers per day, an 11 percent increase from the previous period.
- China had 26 percent of the world’s bot-infected
computers, more than any other country.
- The United States had the highest number of bot
command-and-control computers, accounting for 40 percent of the
- Beijing was the city with the most bot-infected computers
world, accounting for just over five percent of the worldwide total.
- The United States accounted for 31 percent of all malicious
activity during this period, more than any other country.
- Israel was the highest ranked country for malicious
activity per Internet user, followed by Taiwan and Poland.
- Fifty-one percent of all underground economy servers known
Symantec were located in the United States, the highest total of any
- Eighty-six percent of the credit and debit cards advertised
sale on underground economy servers known to Symantec were issued by
banks in the United States.