S
2013 Security by the Numbers
Objectives for 2014
1. Strengthen risk transfer position
2. Support UW's compliance goals while
optimizing use of limited resources
3. Education
4. Enhance security and privacy incident
detection capabilities
5. Develop situational awareness
A total of 398 abuse notifications were received
from external partners:
Denial of Service Attacks:
• DDoS Attacks originating from UW Networks: 129
• DNS Amplification Attacks using UW DNS Servers: 42
• SNMP DoS: 2
Malware:
• Zeus: 51
• ZeroAccess: 42
• Pushdo: 27
• Other Virus or Bot: 21
• Pony: 4
• Kelihos: 2
Other Threats:
• Open Recursive DNS Servers detected: 68
• Network Scanners: 10
55 compromised NetIDs per month
(on average) disabled
33 spam actors targeting UW email servers
identified
42 spam runs per month (on average)
attempted by these actors
77 unique countries from which spammers
connected to UW servers.
Top 5 countries by numbers of source IPs involved
in attempted spamming through UW servers:
• Russian Federation: 72
• Ukraine: 70
• United States: 57
• Belarus: 50
• Nigeria: 49
The security@ and abuse@ email aliases received an average of
7432 emails per month
CISO Information Security Engineers handled an average of
371 trouble tickets per month
2013 INFORMATION SECURIT Y AND PRIVACY ANNUAL REPOR T UW OFFICE OF THE CISO 9