A morning routine for IT security professionals: A cup of coffee (tea, in my case), a quick glance at the major headlines (I like BBC) and checking the Cybercrime Index.
Symantec recently launched a snazzy new sitelet with a daily summary of current online threats. The Norton Cybercrime Index takes into account current malware, identity-theft hacks, fraud and spam to calculate a value that reflects what the threat landscape looks like for the day. It’s like a weather report for cyber-crime.
Having an idea of what threats are currently percolating and putting them in context against the entire day can be quite helpful. While waiting for companies to issue updates and patches, online users can avoid scams, and they can do that only if they know about them.
“Since it takes some time between the discovery of a new threat and the moment it is fixed, people must be warned as it happens,” said Catalin Cosoi, the head of the online threats lab at Bucharest, Romania-based computer-security firm BitDefender.
The March 7 index was 61 (on a scale of 360), 3 percent lower than the previous day, according to the sitelet. Yesterday appeared to be a fairly low-threat day, with low sub-scores across the board. The Malware Index dropped 4.29 percent from the day before to a value of 67, the Identity Theft Index dropped 1.72 percent to 57, and the Fraud Index dropped 2.33 percent to 42. The only one bucking the trend was the Spam Index, rising 3.28 to 63, indicating greater spam activity yesterday.
By contrast, Dec. 28 was a very bad day, with a Cybercrime Index of 177 and an ID Theft Index sub-score of 358.
There are notes about current threats, such as warning to not click on headlines just because it might have something to do with Charlie Sheen’s latest rant, no matter how entertaining it may be, or the Top 5 hijacked search terms, which is very helpful.
The historical data appears to go back 83 days at the moment and is based on information collected by Symantec’s Global Intelligence Network, identity fraud consulting firm ID Analytics (which provides the ID Theft and Fraud indices), and data-breach tracker DataLossDB.