Number of viruses top 1 million by 2009

Honey pots detect highest malware levels in 20 years.

The total number of viruses will reach one million by year's end, according to security experts.

Malware writers have been forced to create new types of viruses and exploits more regularly as businesses and individuals improve security practices, the experts said.

Sophos chief technology officer Paul Ducklin said about 25 percent of unique malware has been created in the last six months of its 20 year history.

"About 85 to 90 percent of malware families have a fix created for them almost immediately," Ducklin said.

"Malware writers aren't getting the same bang for buck as they used to because businesses and consumers have become much more diligent with security over the last five years.

"The number of infectious e-mail attachments getting through are down from about one in 40 [about five years ago] to one in 1000."

He said the decline in infections are due to better gateway filters, more relevant corporate policies and user education, and dilution from a rise in legitimate e-mail traffic.

While the security industry is on top of conventional spam and phishing attacks, more effort needs to be put into preventing and eliminating so-called drive-by-downloads, according to Ducklin.

The attacks allow hackers to redirect mass amounts of traffic by inserting malicious iframes into legitimate Web sites. The hacks are usually invisible to Web site visitors and do not often draw attention from security personnel because they only require a single line of code to be manipulated.

He said it is essential that the exploit is patched because hackers search for compromised sites for follow-up attacks.

F-Secure Asia Pacific vise president Jari Heinonen said it logs about 25,000 malware samples each day, the highest on record.

"The total number of viruses and Trojans will pass the one million mark by the end of 2008 if this trend continues," Heinonen said.

"While there are more viruses than ever before, people report seeing less of them [because] malware authors are changing their tactics.

"Drive-by downloads are the preferred way of spreading malware [because] they happen automatically by visiting a Web site, unless users have a fully patched operating system, browser and plug-ins."

Heinonen said malware will increasing target the kernel sector through rootkits such as Mebroot, which attacks the bootstrap sector.

A resurgent Mebroot was detected last month, some 15 years after the DOS-based malware was created.

More about: F-Secure, Gateway, INS, Sophos

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the Computerworld comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Whitepapers
Latest Stories
Community Comments
Whitepapers
All whitepapers
Sign up now to get free exclusive access to reports, research and invitation only events.
Featured Download
/downloads/product/16/amsn-messenger/

aMSN Messenger

HP and IDG news, product videos and resources

Computerworld newsletter

Join the most dedicated community for IT managers, leaders and professionals in Australia