So farewell, then, 2011. (With apologies to Private Eye's poet-less-than-laureate E.J. Thribb.)

ESET's December ThreatSense Report, as before, looks at threat trends over the year, rather than just the past month. In particular, we've noted that despite the very real impact of Microsoft's countermeasures this year against infection by the type of threat we generally categorize as INF/Autorun, the two most prevalent threats over the year, as measured by our ThreatSense.net® telemetry, are still INF/Autorun (5.84%) and Win32/Conficker (3.69%). That does tell us something depressing about the quantity of unpatched systems that still seem to be out there.

On the other hand, there's no denying that there has been a significant impact. A year ago, Conficker held first place with 8.45% (a little over 10% if you include the related threat we classify as INF/Conficker), and INF/Autorun scored 6.75%.

Of course, the report isn't only about the top ten malware. However, we've taken a slightly different approach this time as we look back over our shoulders: in fact, a selection of approaches.

  1. No crystal balls. Well, you can't write about current threats without making some assumptions (implicit or explicit) about what happens next, but if you want explicit predictions you might want to look at ESET Latin America's comprehensive (English) paper as announced here, or the other blogs in ESET's prediction series.
  2. Urban Schrott reminds us that it was "a dangerous year online" and discusses what lesson we should learn from it.
  3. Stephen Cobb accentuates the positives in 2011 security, and tells us that "it's not all bad news on the cyber-front."
  4. Your humble scribe took a slightly cynical look back over a year in blogging, and listed some of the milestone papers and articles ESET published over that time.

Welcome back to the wacky world of malware. I can hardly wait to see what surprises 2012 has in store for us. ;)

David Harley CITP FBCS CISSP
ESET Senior Research Fellow