Home : Networking : News

Malware threat grows, infects longer than ever

Threat report show that as well as the numbers of threats increasing in the last year, they are also sticking around on infected websites for longer periods of time.

By Asavin Wattanajantra, 1 Apr 2008 at 12:46

gallery

Malware on the web was up by 61 per cent in the second half of last year, according to new research into viruses and other security code threats.

The ScanSafe Global Threat Report revealed that web threats such as viruses, trojans, password stealers and other forms of malware were becoming even more prevalent in spite of improved defensive measures on the market.

The report also confirmed that increasing numbers of legitimate sites were hosting malware and that once infected, would host them for longer periods of time before either the site owner or hosting ISP took action.

In the second half of 2007, malware on infected sites remained live for an average of 29 days, a 62 per cent increase from 18 days in the first half of the year.

The research claimed that new malware, which had no existing patch or anti-virus signature, was becoming more common.

"The numbers speak for themselves," says Mary Landesman, senior security researcher at ScanSafe.

"Not only has there been a significant increase in known malware, but on average, zero-day or 'new' threats accounted for 21 per cent of all the malware (we) blocked.

"Further, this malware is remaining active on sites for weeks and in some cases months, leaving users exposed and representing a huge window of opportunity for cyber criminals."

The report concluded that the malware could impact business security, productivity as well as result in confidentiality and compliance risks.

However, it also said that the belief that all malware was organised was a misconception.

The report stated: "The evidence suggests the vast majority of internet-enabled crime is just as likely to be carried out by 17-year old living in Kansas or a 14-year old living in Romania as it is to be carried out by a formalised crime ring operating out of Nigeria or Russia.

"Internet-enabled crime exists not only as a matter of organisation, but rather as a matter of opportunity and access, and is facilitated by the same tools and technologies used for legitimate purposes."

The report predicted that Web 2.0 would continue to fuel high profile malware attacks as their users would become an increasingly rich target.

It also claimed that remote and roaming security would become a mounting problem due to its unique security challenges, and that there would be a growing underground market for the warehousing and selling of stolen database information.