| Related Resources |
 |
|
 |
|
|
Monthly Incident Summary Reports: June - August 2007
Links to other reports are available on the Security
Reports Homepage.
Number of Agencies/Universities Reporting:
June 2007
| Universities |
38 |
19 |
0 |
57 |
| Agencies |
30 |
44 |
0 |
74 |
July 2007
| Universities |
38 |
19 |
0 |
57 |
| Agencies |
30 |
45 |
10 |
85 |
August 2007
| Universities |
36 |
18 |
0 |
54 |
| Agencies |
27 |
46 |
0 |
73 |
Types of Incidents:
Types of Incidents
| Actual Infections |
792 |
1,857 |
807 |
| Unauthorized Physical Access |
3 |
3 |
0 |
| Unauthorized Information Access |
8,024 |
6,321 |
3,241 |
| Web Site Defacement |
5 |
6 |
9 |
| Theft of Equipment |
5 |
13 |
12 |
| Theft of Information |
1 |
0 |
1 |
| Unauthorized Use/Misuse |
19 |
99 |
1,101 |
| Accidental Disruption |
54 |
32 |
38 |
| Disruption or Denial of Services (DOS) |
3 |
8 |
4 |
| Other |
242 |
953 |
1741 |
| Total |
9,148 |
9,292 |
6,954 |
Impact of Incidents:
Impact of Incidents
| June 2007 |
1,618 |
407 |
$29,053 |
1 |
| July 2007 |
1,787 |
255 |
$59,326 |
2 |
| August 2007 |
1,948 |
477 |
$54,142 |
0 |
Incident Profiles:
Incident Profiles
| June 2007 |
18,859,572 |
40,274 |
1,973,677 |
| July 2007 |
1,673,481,945 |
44,073 |
1,886,613 |
| August 2007 |
15,752,314 |
26,422 |
2,104,142 |
Malicious Code:
Malicious Code
| Viruses/Worms |
550,668 |
463,481 |
329,596 |
| Logic Bombs |
0 |
1 |
0 |
| Back Doors |
31 |
4 |
1,479 |
| Other Malicious Code |
828,008 |
839,267 |
1,647,997
|
| Total Workstations/Hard Drives Infected |
781 |
1,842 |
773 |
| Total Servers Infected |
11 |
15 |
34 |
Server Types (Number of Systems):
Server Types (Number of Systems)
| Critical production applications and/or
data |
8 |
9 |
6 |
| Critical administrative/support applications
and/or data |
5 |
7 |
16 |
| Research applications and/or data |
5 |
0 |
1 |
| Academic applications and/or data |
11 |
15 |
11 |
| External use web servers |
13 |
4 |
9 |
| Internal use web servers |
1 |
4 |
4 |
| FTP Servers |
4,419 |
1,070 |
782 |
| Email Servers |
341 |
7 |
11 |
| Print Servers |
2 |
1 |
0 |
| Other Servers |
4,571 |
66 |
1,792 |
| Total |
9,376 |
1,183 |
2,632 |
Response Activities and General Information:
Response Activities and General information
| 1. Number of times
were incident response plans activated |
99 |
59 |
117 |
| 2. Number of times
disaster recovery plans activated due to security incident |
0 |
0 |
0 |
| 3. Average hours
from detection to containment |
259 |
532 |
269 |
| 4. Incidents with
response activity logs kept |
191 |
174 |
251 |
| 5. Damage to agency/university
IR assets |
2 |
5 |
5 |
| 5a. Number of Assets
restored |
9 |
4 |
2 |
| 6. Number of incidents
needed outside assistance |
3 |
14 |
2 |
| 7. Number of incidents
resulted in new security measures |
108 |
114 |
147 |
| 7a. Number of patches
installed |
87 |
98 |
144 |
| 7b. Number security
software installed |
91 |
101 |
138 |
| 7c. Number of additional
policies developed |
72 |
4 |
6 |
| 7d. Number other |
1 |
4 |
1 |
| 8. Number incidents
resulted in proliferation |
13 |
12 |
48 |
| 8a. Internal Systems |
6 |
7 |
20 |
| 8b. External Systems |
7 |
6 |
28 |
| 9. Incidents resulted
in external public awareness |
3 |
10 |
1 |
| 10. Number Incidents
reported to law enforcement |
1 |
13 |
8 |
Top Ten Viruses:
Top 10 Viruses
| June 2007 |
July 2007 |
August 2007 |
| Downloader |
Downloader |
Downloader |
| Exploit-ANIfile.c |
JS/Downloader-BCZ |
W32/Zhelatin.gen!eml |
| VBS/Psyme |
JS/Downloader-AUD |
Trojan Horse |
| Exploit-MS06-014 |
JS/Wonka |
JS/Downloader-BCZ |
| JS/Downloader-AUD |
VBS/Psyme |
JS/Downloader-AUD |
| JS/Exploit-BO.gen |
W32/Zhelatin.gen!eml |
JS/Wonka |
| JS/Wonka |
Generic Downloader.z |
Winfixer |
| Trojan.Exploit.131 |
Trojan.Packed.13 |
Troj/Dloadr-BCP |
| Trojan Horse |
Downloader.Mislead/App |
Trojan.Pandex |
| W32.Netsky.P@mm |
Exploit-ANIfile.c |
W32/Bagle-Zip |
|
