Spyware tripled during 2005, became ever-more sophisticated and stealthy, and attached itself to U.S. computers at rates above any other country, a security company says.
Spyware tripled during 2005, a security company said Tuesday, became ever-more sophisticated and stealthy, and attached itself to U.S. computers at rates above any other country.
According to Boulder, Colo.-based anti-spyware developer Webroot, 2005 ended with 400,000 spyware-distributing sites and a global count of 120,000 different traces, or spyware components. At the start of the year, Webroot had identified only 40,000 traces, a tripling Webroot credited to the increasing sophistication of spyware.
"In December 2004, the numbers were skewed by a big spike of Trojan horses and keyloggers, but then we weren't sure if that was a trend or just temporary," said Richard Stiennon, Webroot's director of threat research. Now, he added, it's clear that the uptick in late 2004 was just the prologue to 2005.
In the enterprise, the percentage of business machines infected with the worst forms of spyware -- dubbed "system monitors" by Webroot, a category that includes keyloggers -- climbed from 2 percent in the second quarter of 2005 to 6 percent in the fourth quarter. (The worst quarter, however, was the first, with 8 percent.)
Consumer machines, said Stiennon, remained at the most risk of spyware infection, simply because fewer of home machines are protected by anti-spyware software. Eighty-one percent of consumer machines harbored at least one piece of spyware, with the average system containing 25 traces. Although the former figure is down from 2004's 91 percent, the latter is up slightly from that year's average of 24.4 traces per machine.
"Even with the availability of anti-spyware software, there hasn't been much of a change in the overall infection rate," said a disappointed Stiennon.
While Webroot painted a dark picture of spyware in 2005, another recently-released study, this one from researchers at the University of Washington, claimed that one of the most malicious methods of spyware deliver -- called "drive-by downloading" -- actually declined during the year.
Four researchers from the Seattle university's Department of Computer Science & Engineering created Web crawlers to scour the Internet for spyware, and found that the number of domains using drive-by downloading had been halved between May and October 2005.
5 Top Federal Initiatives For 2015As InformationWeek Government readers were busy firming up their fiscal year 2015 budgets, we asked them to rate more than 30 IT initiatives in terms of importance and current leadership focus. No surprise, among more than 30 options, security is No. 1. After that, things get less predictable.