Moore’s Law-like: Malware’s Booming

Thursday, August 4, 2011 @ 06:08 PM gHale

There is a unique malware file created every half second. While not as catchy as P.T. Barnum’s “there is a sucker born every minute,” it does go to show manufacturing automation security professionals need to be on constant guard.

Since the beginning of this year, data security firm Sophos identified in its Mid-Year 2011 Security Threat Report an average of 150,000 malware samples every day.

Report: Malware, Targeted Attacks on Rise
Stuxnet Effect: Iran Still Reeling
Feds Fear New Stuxnet Threats
Stuxnet Threat Lingers; Industry Slow to React

In doing the math, it comes out to a unique malware file created every half-second, a 60 percent increase since 2010. In addition, around 19,000 malicious website addresses (URLs) are identified each day, with 80 percent of those URLs being pages on legitimate hacked or compromised websites.

High-profile hacking attacks against governments and corporations dominated the security landscape in 2011. The result is other security issues which could pose a greater threat to businesses, governments and consumers have received less attention.

Among the key threats identified by the report:
• Search engine poisoning, also known as Black Hat SEO, is on the rise, threatening businesses of all sizes. Cyber criminals manipulate search results from Google, Bing and Yahoo to lure web surfers to malicious pages that place viruses, worms, Trojans or fake anti-virus software on computers. Search engine poisoning attacks are extremely effective, and account for more than 30 percent of all malware detected by Sophos’s Web Appliance (SWA).
• Fake AV. Recently, the FBI busted a gang that tricked nearly a million people into buying its fraudulent software. With a price point ranging from $50 to $130 the scam netted more than $72 million.
• Social media threats have sharply escalated while mass scale email-focused attacks are diminishing. Facebook users in particular are weary of the social network’s safety. As Facebook holds so much personal information on users, scam attacks have been severe in 2011. The scams include cross-site scripting, clickjacking, bogus surveys and identity theft.
• The rise of mobile banking malware. Each mobile phone developer has its own strategy for security, some more effective than others. Understand how a smartphone’s operating system can help protect you, or let malware attack.

Leave a Reply

You must be logged in to post a comment.