PCs Have 50-50 Shot At Infection In Just 12 Minutes - InformationWeek


PCs Have 50-50 Shot At Infection In Just 12 Minutes

The number of new viruses, worms, and Trojans is up nearly 60% in the first half of 2005, a security researcher says.

The number of new viruses, worms, and Trojans is up nearly 60 percent in the first half of 2005, a U.K.-based security company said Wednesday, while the length of time an unprotected PC survives on the Internet has shrunk to a measly dozen minutes.

Sophos reported that it had pinpointed 7,944 new pieces of malicious software in the first six months of the year, an increase of 59 percent compared to the first half of 2004.

The firm's researchers tracked an even larger spike in the number of keylogging Trojan horses. According to Sophos, that category has tripled in number.

"We are seeing a large amount of new Trojan horses on a daily basis, representing what may be the most significant development in malware writing," said Gregg Mastoras, a Sophos senior security analyst, in a statement.

Keyloggers are increasingly used not only by spyware criminals, but by general hackers as well. These small programs, usually delivered via e-mail attachments or installed from malicious sites linked to from spammed messages (but more and more also showing up as links sent by instant messaging clients), record keystrokes, sometimes only those associated with online banking sites, and send that data to the hacker, who quickly empties the account.

Trojan horses often don't make the monthly Top 10 lists that many security vendors crank out, since they don't spread on their own. But their impact can be significant. Last month, for instance, the U.K.'s version of US-CERT, the National Infrastructure Security Co-ordination Center (NISCC), made the unprecedented move of publicizing a long-running, well-organized, and tightly-targeted Trojan-based attack on government agencies and companies in Britain.

"Trojans typically don't make the charts because they don't spread on their own and are used for targeted attacks, which are designed to make money or steal information," added Mastoras.

Along with the rapid rise in malware, Sophos researchers said, came a quick decrease in the amount of time an unprotected PC is likely to survive without an infection when connected to the Internet.

Sophos estimated that a new PC stands a 50-50 chance of being infected by a worm within 12 minutes of being connected to the Internet. (Other analysts, such as the Internet Storm Center, put the current average survival time at around 34 minutes.)

The company's list of most "popular" (read "prevalent") worms and viruses for the first half of 2005 held no surprises.

Top of the list was Zafi.d, which accounted for more than 25 percent of all viruses reported this year, even though it rolled out in mid-December 2004 and uses a Christmas greeting to entice recipients to open its attachment.

"Most surprising is that Zafi.d managed to hang around long after the festive season and well into the spring," said another Sophos analyst, Graham Cluley, in a statement. "It's only in the last two months that Zafi.d has started to lose its stranglehold on the chart. But it's still a significant threat." Another 2004 worm, Netsky.p, held second place in Sophos' list, accounting for 17.5 percent of the total tracked.

Sober.n, in third, is the top-ranked 2005 worm. The bilingual (English and German) worm debuted in May, and gained ground quickly by offering free tickets to next year's World Cup. Early on, it accounted for a whopping 70 percent of all mail traffic.

"The Sober family is an example of how damaging the collaborative efforts between virus writers and spammers can be, hijacking the computers of legitimate organizations to create zombies, whose purpose is to perpetuate the generation of more spam," commented Mastoras.

Other malware on the six-month chart includes more variants of Netsky and Sober, as well as a pair of Mytobs, an especially prolific family that, during a seven-day run in June, generated an average of 2.7 versions per day.
