cyber threat intelligence program (microsoft) - ii encuentro nacional sobre firma y administración...

Microsoft Security Intelligence Report v.14 CyberThreat Intelligence Program (C-TIP) Héctor Sánchez Montenegro @hectorsm Chief Technology Officer Microsoft Ibérica

Upload: tomas-garcia-mer

Post on 21-Aug-2015


TRANSCRIPT

Microsoft Security Intelligence Report v.14

CyberThreat Intelligence Program (C-TIP)

Héctor Sánchez Montenegro @hectorsm

Chief Technology Officer Microsoft Ibérica

[Figure: world map labelled "2020", with countries marked by country-code top-level domain. Sizing legend: number of Internet users (markers for 5M and 10M Internet users). Shading: percent penetration of Internet users (0-20, 21-40, 41-60, 61-80, 81-100). Labelled values: Brazil 122m, China 765m, France 58m, Germany 70m, India 366m, Japan 109m, Mexico 61m, Nigeria 82m, Russia 95m, USA 277m.]

Data visualization and design created by Column Five Media, data provided by Euromonitor Intl.; map concept derived from Geographies of the World's Knowledge, Graham, M., Hale, S.A. and Stephens, M. (Convoco! Edition, London, 2011).

5 times greater

[Chart: vertical axis 0,0 to 16,0; horizontal axis July to December]

Vulnerability disclosures across the industry were down 7.8 percent from 1H12, primarily because of a decrease in application vulnerability disclosures.

[Charts: panels plotted by half-year period, 1H10 to 2H12, and by quarter, 3Q11 to 4Q12]

[Table columns: Country or region | 1Q12 | 2Q12 | 3Q12 | 4Q12 | Chg. 1H–2H]

Win32/Swisyn

Win32/Meredrop

Win32/Microjoin

Win32/Rimod

Win32/Dynamer

Win32/Obfuscator

Win32/Dowque

Win32/Malagent

Win32/QBundle

Java/SMSer

Win32/Kuluoz

Win32/VB

Win32/Xolondox

Win32/Small

VBS/Startpage


Twitter @msftsecurity

Microsoft Trustworthy Computing www.microsoft.com/twc

Microsoft Security Intelligence Report www.microsoft.com/sir

Microsoft Security Blog blogs.technet.com/b/security

Since 2010, Microsoft has disrupted botnets and distributed actionable infection data to countries

2011: Delivery of data to ISPs to help them clean their customers

2012: Delivery of data to national centers to help them clean their country

• Real time data

• Includes IP addresses

• Delivered through Azure Microsoft cloud

C-TIP (Cloud-Threat Intelligence Program)

• DCU offers three services related to Threat Intelligence:

1. Real-time updates through Azure Blob Storage or Azure Queues

2. Fast and secure IP lookups through our REST API

3. Daily rollups through our REST API
