Monthly Incident Summary Reports:
September - November 2007
Links to other reports are available on the Security
Reports Homepage.
Number of Agencies/Universities Reporting:
September 2007
| Universities | 39 | 17 | 8 | 64 |
| Agencies | 28 | 45 | 10 | 83 |
October 2007
| Universities | 41 | 16 | 7 | 64 |
| Agencies | 32 | 39 | 12 | 83 |
November 2007
| Universities | 39 | 17 | 8 | 64 |
| Agencies | 33 | 44 | 6 | 83 |
Types of Incidents:
| Actual Infections | 288,234 | 947 | 2,921 |
| Unauthorized Physical Access | 0 | 1 | 4 |
| Unauthorized Information Access | 2,193 | 535 | 445 |
| Web Site Defacement | 3 | 2 | 2 |
| Theft of Equipment | 11 | 14 | 17 |
| Theft of Information | 1 | 2 | 4 |
| Unauthorized Use/Misuse | 5,143 | 60 | 945 |
| Accidental Disruption | 70 | 46 | 96 |
| Disruption or Denial of Services (DOS) | 16 | 7 | 4 |
| Other | 5,481 | 430 | 500 |
| Total | 301,152 | 2,044 | 4,938 |
Impact of Incidents:
| September 2007 | 1,719 | 232 | $49,500 | 2 |
| October 2007 | 1,734 | 239 | $58,859 | 0 |
| November 2007 | 2,077 | 940 | $75,184 | 0 |
Incident Profiles:
| September 2007 | 27,925,309 | 20,688 | 1,159,444 |
| October 2007 | 29,795,422 | 40,822 | 1,273,647 |
| November 2007 | 27,419,034 | 26,702 | 1,480,572 |
Malicious Code:
| Viruses/Worms | 858,815 | 405,381 | 341,823 |
| Logic Bombs | 247 | 0 | 214 |
| Back Doors | 31 | 49 | 351 |
| Other Malicious Code | 785,578 | 957,399 | 1,270,676 |
| Total Workstations/Hard Drives Infected | 288,196 | 921 | 2,906 |
| Total Servers Infected | 38 | 26 | 15 |
Server Types (Number of Systems):
| Critical production applications and/or data | 5 | 7 | 5 |
| Critical administrative/support applications and/or data | 30 | 3 | 13 |
| Research applications and/or data | 2 | 1 | 0 |
| Academic applications and/or data | 5 | 34 | 10 |
| External use web servers | 6 | 9 | 6 |
| Internal use web servers | 1 | 3 | 5 |
| FTP Servers | 1,104 | 568 | 0 |
| Email Servers | 11 | 944 | 685 |
| Print Servers | 4 | 1 | 2 |
| Other Servers | 251 | 1,580 | 222 |
| Total | 1,419 | 3,150 | 948 |
Response Activities and General Information:
| 1. Number of times incident response plans were activated | 99 | 60 | 53 |
| 2. Number of times disaster recovery plans were activated due to security incident | 1 | 1 | 4 |
| 3. Average hours from detection to containment | 405 | 492 | 413 |
| 4. Incidents with response activity logs kept | 511 | 342 | 393 |
| 5. Damage to agency/university IR assets | 52 | 11 | 13 |
| 5a. Number of assets restored | 3 | 11 | 12 |
| 6. Number of incidents that needed outside assistance | 2 | 4 | 18 |
| 7. Number of incidents that resulted in new security measures | 428 | 315 | 327 |
| 7a. Number of patches installed | 411 | 299 | 330 |
| 7b. Number of security software installed | 396 | 24 | 319 |
| 7c. Number of additional policies developed | 1 | 4 | 9 |
| 7d. Number other | 0 | 2 | 218 |
| 8. Number of incidents that resulted in proliferation | 68 | 34 | 97 |
| 8a. Internal Systems | 29 | 15 | 31 |
| 8b. External Systems | 39 | 22 | 67 |
| 9. Incidents that resulted in external public awareness | 3 | 5 | 20 |
| 10. Number of incidents reported to law enforcement | 6 | 7 | 9 |
Top Ten Viruses:
| September 2007 | October 2007 | November 2007 |
| Downloader | Downloader | Downloader |
| BraveSentry | JS/Downloader-BCZ | BraveSentry |
| JS/Downloader-BCZ | BraveSentry | VBS/Psyme |
| Downloader.Mislead/App | Bloodhound.Exploit.163 | Downloader.Mislead/App |
| Trojan.Vundo | Downloader.Mislead/App | Trojan.Dropper |
| Trojan Horse | Trojan.Pidief.A | Trojan.Pandex |
| Trojan.Pandex | W32.Advegol!html | Trojan.Vundo |
| VBS/Psyme | Exploit-PDF.Shell | JS/Downloader-BCZ |
| Others | JS/Wonka | Troj.Pushdo-Gen |
| Trojan.Dropper | Puper | W32.Netsky.P@mm!enc |