Monthly Incident Summary Reports
September - November 2006
Links to other reports are available on the Security
Reports Homepage.
Number of Agencies/Universities Reporting:
September 2006
| Universities | 35 | 16 | 12 | 63 |
| Agencies | 33 | 43 | 9 | 85 |
October 2006
| Universities | 35 | 20 | 8 | 63 |
| Agencies | 37 | 38 | 10 | 85 |
November 2006
| Universities | 36 | 18 | 9 | 63 |
| Agencies | 32 | 40 | 15 | 85 |
Types of Incidents:
| Actual Infections | 2,674 | 971 | 2,536 |
| Unauthorized Physical Access | 5 | 8 | 5 |
| Unauthorized Information Access | 410 | 205 | 245 |
| Web Site Defacement | 14 | 7 | 2 |
| Theft of Equipment | 7 | 14 | 16 |
| Theft of Information | 5 | 1 | 1 |
| Unauthorized Use/Misuse | 320 | 75 | 132 |
| Accidental Disruption | 34 | 42 | 33 |
| Disruption or Denial of Services (DOS) | 116 | 12 | 31 |
| Other | 687 | 65 | 492 |
| Total | 4,272 | 1,400 | 3,493 |
Impact of Incidents:
| September 2006 | 2,888 | 853 | $92,466 | 0 |
| October 2006 | 1,648 | 419 | $63,520 | 0 |
| November 2006 | 5,967 | 110 | $152,054 | 0 |
Incident Profiles:
| September 2006 | 12,567,406 | 29,621 | 1,819,979 |
| October 2006 | 35,444,601 | 41,599 | 23,816,804 |
| November 2006 | 21,058,694 | 48,223 | 3,544,735 |
Malicious Code:
| Viruses/Worms | 457,008 | 1,359,647 | 1,108,825 |
| Logic Bombs | 0 | 36 | 0 |
| Back Doors | 828 | 76 | 110 |
| Other Malicious Code | 327,413 | 495,297 | 495,297 |
| Total Workstations/Hard Drives Infected | 2,554 | 963 | 2,495 |
| Total Servers Infected | 120 | 8 | 41 |
Server Types (Number of Systems):
| Critical production applications and/or data | 16 | 15 | 11 |
| Critical administrative/support applications and/or data | 48 | 5 | 9 |
| Research applications and/or data | 1 | 2 | 1 |
| Academic applications and/or data | 16 | 21 | 3 |
| External use web servers | 25,144 | 85,147 | 18,002 |
| Internal use web servers | 1 | 10 | 11 |
| FTP Servers | 70 | 10 | 590 |
| Email Servers | 2,441 | 2,607 | 82,050 |
| Print Servers | 1 | 4 | 2 |
| Other Servers | 44 | 35 | 630 |
| Total | 25,704 | 87,856 | 101,309 |
Response Activities and General Information:
| 1. Number of times incident response plans were activated | 161 | 69 | 124 |
| 2. Number of times disaster recovery plans were activated due to a security incident | 3 | 2 | 5 |
| 3. Average hours from detection to containment | 416 | 245 | 277 |
| 4. Incidents with response activity logs kept | 357 | 230 | 1,097 |
| 5. Damage to agency/university IR assets | 11 | 5 | 17 |
| 5a. Number of assets restored | 11 | 6 | 18 |
| 6. Number of incidents that needed outside assistance | 4 | 5 | 2 |
| 7. Number of incidents that resulted in new security measures | 285 | 200 | 701 |
| 7a. Number of patches installed | 365 | 187 | 731 |
| 7b. Number of security software installed | 33 | 204 | 730 |
| 7c. Number of additional policies developed | 5 | 4 | 6 |
| 7d. Number of other measures | 1 | 3 | 4 |
| 8. Number of incidents that resulted in proliferation | 60 | 28 | 14 |
| 8a. Internal systems | 6 | 6 | 12 |
| 8b. External systems | 54 | 23 | 3 |
| 9. Incidents that resulted in external public awareness | 11 | 3 | 4 |
| 10. Number of incidents reported to law enforcement | 5 | 6 | 2 |
Top Ten Viruses:
| September 2006 | October 2006 | November 2006 |
| Slammer | Slammer | Slammer |
| MyDoom | Erkez | Sasser |
| Netsky | MyDoom | MyDoom |
| Mytob | Netsky | Netsky |
| Psyme | AlZip | Psyme |
| Obscured | Stration | Stration |
| Bagle | Mytob | Mytob |
| Stration | Zafi | Malware.alzip |
| Erkez | Sasser | Bloodhound |
| Beagle | Bagle | Beagle |