Around 90 percent of all worldwide email is spam.

 

According to the Cisco Annual Security Report, around 200 billion messages are sent daily with the US remaining the primary source with 17.2 percent sent.

 

Findings reveal that the overall number of disclosed vulnerabilities grew by 11.5 percent over 2007 while vulnerabilities in virtualisation technology nearly tripled from 35 to 103 year over year.

 

Despite the amount of spam being sent, Cisco claims that the volume of malware successfully propagated via e-mail attachments is declining, with a 50 percent decrease in 2007-8 in comparison to 2005-6.

 

For the future, the report claims that spear phishing will become more prevalent as criminals personalise spam and make messages appear more credible. It also believes that the use of social engineering to entice victims to open a file or click links will continue to grow, as attacks will increase in number, vectors and sophistication.

 

The report believes that trends including insider threats, data loss and remote working will be monitored closely, as ‘Negligent or disgruntled employees can threaten corporate security' and ‘the global economic downturn may prompt more security incidents involving employees, making it crucial for IT, HR, and other lines of business to collaborate on mitigating threats.'

 

Patrick Peterson, Cisco fellow and chief security researcher, said: “Every year we see threats evolve as criminals discover new ways to exploit people, networks and the internet. This year's trends underscore how important it is to look at all basic elements of security policies and technologies.

 

“Organisations can lower their risk of data loss by fine-tuning access controls and patching known vulnerabilities to eliminate the ability for criminals to exploit holes in infrastructures. It is important to upgrade applications, endpoint systems and networking equipment to help ensure that corporate systems run smoothly and minimise risk.”