Spyware tripled during 2005, became ever-more sophisticated and stealthy, and attached itself to U.S. computers at rates above any other country, a security company says.
Spyware tripled during 2005, a security company said Tuesday, became ever-more sophisticated and stealthy, and attached itself to U.S. computers at rates above any other country.
According to Boulder, Colo.-based anti-spyware developer Webroot, 2005 ended with 400,000 spyware-distributing sites and a global count of 120,000 different traces, or spyware components. At the start of the year, Webroot had identified only 40,000 traces, a tripling Webroot credited to the increasing sophistication of spyware.
"In December 2004, the numbers were skewed by a big spike of Trojan horses and keyloggers, but then we weren't sure if that was a trend or just temporary," said Richard Stiennon, Webroot's director of threat research. Now, he added, it's clear that the uptick in late 2004 was just the prologue to 2005.
In the enterprise, the percentage of business machines infected with the worst forms of spyware -- dubbed "system monitors" by Webroot, a category that includes keyloggers -- climbed from 2 percent in the second quarter of 2005 to 6 percent in the fourth quarter. (The worst quarter, however, was the first, with 8 percent.)
Consumer machines, said Stiennon, remained at the most risk of spyware infection, simply because fewer of home machines are protected by anti-spyware software. Eighty-one percent of consumer machines harbored at least one piece of spyware, with the average system containing 25 traces. Although the former figure is down from 2004's 91 percent, the latter is up slightly from that year's average of 24.4 traces per machine.
"Even with the availability of anti-spyware software, there hasn't been much of a change in the overall infection rate," said a disappointed Stiennon.
While Webroot painted a dark picture of spyware in 2005, another recently-released study, this one from researchers at the University of Washington, claimed that one of the most malicious methods of spyware deliver -- called "drive-by downloading" -- actually declined during the year.
Four researchers from the Seattle university's Department of Computer Science & Engineering created Web crawlers to scour the Internet for spyware, and found that the number of domains using drive-by downloading had been halved between May and October 2005.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
Digital Transformation Myths & TruthsTransformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.