Threat Research & Response Blog
Just over a week ago the Microsoft Malware Protection Center released the seventh edition of our Security Intelligence Report covering the first half of 2009. Like all of our previous reports we have distilled information and insight from the wide array of telemetry we have available to us. New to this edition, however, is the inclusion of third party data and insight. Specifically, we have worked with Shadowserver to include data collected for the Conficker Working Group (CWG) as well as insights from various Computer Emergency Response Teams (CERTs) worldwide. Microsoft is thankful for the many strong partnerships we have around the world and is committed to the industry collaboration typified by CWG as well as the programs in the Microsoft Security Response Alliance (MSRA). MSRA is an umbrella program which is made up of similarly themed security programs for different constituencies. Some MSRA programs include the Microsoft Virus Initiative (MVI) and the Virus Information Alliance which are in place to provide technical guidance, malware sample exchange and support to other Anti-virus ISVs as well as the Security Cooperation Program (SCP) and SCPcert which relate to information exchange and collaboration with governments and with CERT organizations (governmental or non-governmental) in regions across the globe.
We would specifically like to call your attention to content provided by several of our CERT partners. As you have likely seen from either my previous blog entry on this Security Intelligence Report or from the report itself or even previous reports we have released we do a comparative analysis of infection rates between countries. We’ve asked several CERTs from some of the countries with the lowest rates of infection to discuss factors to which they attribute the lower rate and their thoughts on associated best practices. Some very interesting things can be found in there (starting on page 44) such as the correlation between higher broadband penetration and adoption of security updates, the correlation between prevalence of pirated software and infection rate and, most importantly, the importance of industry collaboration in reducing the impact of malware in a region.
Download the report here: http://www.microsoft.com/downloads/details.aspx?FamilyID=037f3771-330e-4457-a52c-5b085dc0a4cd&displaylang=en
Jeff Williams(we want to hear from you—SIRFB at microsoft.com)