Mobile // Mobile Applications
News
3/6/2012
11:47 AM
Connect Directly
RSS
E-Mail
50%
50%
Repost This

Microsoft Maps 10 Years Of Malware

Special report pegs most infected countries, reveals how the least-infected regions keep botnets, other threats at bay.

RSA CONFERENCE 2012--San Francisco-- A lot can happen in 10 years, and that's an understatement when it comes to malware: According to new data released by Microsoft this week, the number of malware variants went from 1,000 in 1991 to millions in 2011.

In celebration of the 10-year anniversary of the launch of its Trustworthy Computing initiative, Microsoft published a special edition of its Security Intelligence Report (SIR). "What we wanted to do from the Security Intelligence Report was look at the past 10 years and how the threat landscape" has evolved, said Tim Rains, director of Microsoft's TwC. "A lot of these samples were new variants of a same family."

Among the more telling trends was the near disappearance of worms and the continued surge in socially engineered malware threats and Trojans. Rains said as companies such as Microsoft build better and less buggy software, the bar gets raised for attackers. Hence the jump in socially engineering attacks that lure users into opening infected attachments or clicking on malicious links that spread Trojans, he said. "Social engineering is probably a mainstay now," Rains said.

The report looks at the "cleanest" countries malware infection-wise. Finland had the lowest rate of infected machines in 2011, with just over one infected machine per 1,000 machines. Japan had just over two per 1,000 machines; followed by Norway, Switzerland, and Australia, all of which had fewer than four. On average, Microsoft cleans up 10 machines per 1,000 globally.

Turkey (57); Korea (20); Brazil (just under 20); Taiwan (more than 15); and Spain (just over 10) didn't fare as well. "We wondered why Finland and others were so low," Raines said, so Microsoft did a case study on one of Finland's largest ISPs, TeliaSonera.

Rains saidTeliaSonera wanted security to be a competitive differentiator in its services. In the wake of the Rustock botnet takedown and Microsoft's Digital Crimes Unit giving Finland's CERT a list of Rustock-infected IP addresses, TeliaSonera found that it was taking an average of 40 minutes per customer to clean up the machines. So they automated the process, and used the Rustock data from Microsoft's DCU to identify infected machines on its network and kept them quarantined until they were cleaned up.

Read the rest of this article on Dark Reading.

SSL is widely deployed, yet enterprises still struggle to manage it and ensure its effectiveness. Companies must understand the threats, know how to use SSL internally, and assure it functions properly and protects their data. In our SSL Authentication report, we show you how to address the security and operational issues inherent in creating and managing internal SSL certificate authorities. (Free registration required.)

Comment  | 
Print  | 
More Insights
Building A Mobile Business Mindset
Building A Mobile Business Mindset
Among 688 respondents, 46% have deployed mobile apps, with an additional 24% planning to in the next year. Soon all apps will look like mobile apps and it's past time for those with no plans to get cracking.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Elite 100 - 2014
Our InformationWeek Elite 100 issue -- our 26th ranking of technology innovators -- shines a spotlight on businesses that are succeeding because of their digital strategies. We take a close at look at the top five companies in this year's ranking and the eight winners of our Business Innovation awards, and offer 20 great ideas that you can use in your company. We also provide a ranked list of our Elite 100 innovators.
Video
Slideshows
Twitter Feed
Audio Interviews
Archived Audio Interviews
GE is a leader in combining connected devices and advanced analytics in pursuit of practical goals like less downtime, lower operating costs, and higher throughput. At GIO Power & Water, CIO Jim Fowler is part of the team exploring how to apply these techniques to some of the world's essential infrastructure, from power plants to water treatment systems. Join us, and bring your questions, as we talk about what's ahead.