60% Of Malware Created In 2008

Symantec’s latest Internet Security Threat Report came out this week and it showed that Symantec issued 1,656,227 new malicious code signatures in 2008. This is more than all the previous years put together!

This represents a tipping point, where it is now easier to look at the good stuff rather than the bad. By following the trend and anticipating the changes, Symantec’s anti-malware products are now a mixture of technologies: blacklisting (the old way – spotting the bad stuff), whitelisting (lists of the good stuff), reputation-based (so that new ‘good stuff’ doesn’t get ignored) and behavioural (if something previously unknown is behaving badly, it can be stopped).
One of the other interesting statistics was on the rise of bots. Globally, bots are up 31%, with EMEA up 47%. Bots are responsible for around 90% of the spam… so if your computer is infected then you are part of the problem!
Cyber-criminals are still after your confidential information, with credit card and bank account details topping the list. Prices on the underground economy have fallen this year, indicating that there is more information around and more people trying to sell it. Look after your information – and keep your system up to date – with OS and application patches along with the latest virus definitions. All this can happen automatically… as long as you don’t turn the functionality off.
April 1st… Meltdown or Joke?

So, tomorrow is the big day – what will Conficker do? Will it be like Y2K, where there was a thought that the Internet was going to melt down – but it ultimately turned into ‘just another day’… or will Conficker (aka Downadup and Kido) bring the Internet to a standstill? Of course, the answer is that we will have to wait.
We do know that the latest incarnation, Conficker-C, will ‘change’ tomorrow: it will harden itself against security updates and OS patches, and the number of servers it will reach out to will increase from hundreds to thousands, but as to what it will download… who knows. With millions of machines around the world infected, it could be used for a massive denial of service attack, or perhaps a spam / phishing one.
You can protect yourself – a good anti-virus / Internet security suite will do the trick (I have Norton on my home machines and, of course, we use Symantec on the corporate ones), and if you are infected, then there is plenty of information as to how to remove it. Conficker has caught the imagination of the press and so there is a lot being written about it; however, there were more pieces of malware created in 2008 than in all the preceding years put together… and Conficker is just one of them (well three, but it depends how you count!). Of course, compared to the average nasty, Conficker is smarter: it transforms itself and uses multiple routes to infect the unpatched, unsecured targets.
Sitting here in the UK, we have a small advantage: like with Y2K, we will see the effects in Australia and AsiaPac before it gets to us – and for them it’s now less than 2 hours to go…
1 Server, 3 Weeks, 1.4GB Personal Information

A server was found this week chock full of personal information – 1.4GB of personal information. The information had been stolen from around the world and included health records and email – and within the email there was even more information relating to contacts, account details, pension savings plans (401k) and so on… 1.4GB can house a lot of useful information.
This server was quite a find… but it is not alone: we see compromised servers which receive stolen information every day, and there are a lot of them. OK, so most don’t have 1.4GB, but they do contain tens of thousands of pieces of information. The latest Internet Security Threat Report (ISTR Vol. XIII, April 2008) reported more than 60,000 bot-infected computers per day (a 17% increase over the previous 6 months). These aren’t all collecting information – most are sending it out (spam, phishing, DoS, …); however, some of them are. It also highlighted that of the 54,609 applications installed, 65% were malicious.
So (and I’m starting to sound like a broken record)… if you value your information and something asks to install itself, especially in your web browser (where it is also known as a plug-in), be very sure that the source of the request is valid – if not, then just click away.





