ITWire

One piece of good news is that the proportion of spam fell to 75.1% in 2011 from 88.5% in 2010. In December 2011, spam was at its lowest level for three years. Mr Kopelke ascribed this to two main causes. Firstly, the takedown of the Rustock botnet removed a significant source of spam. (The number of 'zombie' computers fell from 4.5 million in 2010 to just over 3 million in 2011.)

Secondly "a lot of spam is not as effective as it used to be," as people are becoming better educated about recognising and ignoring spam. The downside is that (as previously described), attackers are turning from spam to social networking as a way of spreading links to malicious and dubious sites.

Other highlights from the report include the exposure of 232.4 million identities through data breaches (the healthcare sector saw 43% of those data breaches, but was only responsible for 8% of the identities exposed, well behind the 44% from the computer software sector and 41% from the rest of the IT sector); "an unprecedented number of attacks" against certificate authorities; and the continuing use of old vulnerabilities in attacks (the most frequently attacked vulnerability during 2011 was a Windows vulnerability that Microsoft had fixed six years earlier).

The report can be downloaded via this page.