Column Definitions

• Year - This column represents the calendar year, not fiscal year.
• Mail messages processed - We continue to process all mail sent to us, but due to the increase in spam, viruses, and other unsolicited mail that we receive, we believe this statistic no longer provides meaningful information. As a result, we stopped providing the statistic at the end of 2006.
• Hotline calls received - This statistic refers to the number of hotline calls we received per year. Given the variety of calls we receive on a wide range of computer security issues, it would be difficult to draw any type of conclusion based on this number, so 2006 marked the final year for this statistic.
• Incident reports received - Given the widespread use of automated attack tools, attacks against Internet-connected systems have become so commonplace that counts of the number of incidents reported provide little information with regard to assessing the scope and impact of attacks. Therefore, we stopped providing this statistic at the end of 2003.
• Advisories published - CERT Advisories provided timely information about current security issues, vulnerabilities, and exploits. Beginning in 2004, CERT Advisories became a core component of US-CERT's Technical Cyber Security Alerts.
• Incident Notes published - CERT Incident Notes provided information about incidents to the Internet community. Since 2004, this information has been incorporated into US-CERT's Technical Cyber Security Alerts and Current Activity.
• Vendor Bulletins published - Vendor Bulletins were intended to facilitate the coordinated distribution of information written by vendors about security problems and solutions. The bulletins were discontinued in 1998.
• Summaries published - CERT Summaries were published each quarter to draw attention to the types of attacks reported to our incident response team during the previous three months, as well as other noteworthy incident and vulnerability information. Summaries were discontinued at the end of 2003.