Friday, February 8, 2008
Malicious programs hit new high
The number of malicious programs found online has reached an unprecedented high, say security firms.
Reports vary but some estimates suggest there were five times as many variants of malicious programs in circulation in 2007 compared to 2006.
Security company Panda Software said it was getting more than 3,000 novel samples of so called malware every day.
Criminals pump out variants to fool anti-virus programs that work, in part, by spotting common characteristics.
Threat landscape
Security software testing organisation AV Test reported that it saw 5.49 million unique samples of malicious software in 2007 - five times more than the 972,606 it saw in 2006.
AV Test reached its total by analysing malicious programs and generating a digital fingerprint for each unique sample.
The organisation said the different ways malware can be packaged will mean some duplication in its figures, but the broad trend showed a steep rise.
The organisation uses the samples to test security programs to see how many they can spot and stop.
Panda Software said the number of malicious samples it received in 2007 was up ten fold on 2006. In a statement it said the rise represented a "malware epidemic".
Finnish security firm F-Secure said it had seen a doubling in the number of pieces of malware it detected in 2007 compared to 2006.
Most of the malicious programs detected by these security organisations are aimed at the various versions of Microsoft's Windows operating system.
The vast majority of these unique malicious programs will be made up of elements from older viruses that have been scrambled to look fresh.
"It started about nine months ago, in early 2007, we saw massive surges of new variants," said Gerhard Eschelbeck, chief technology officer at anti-spyware firm Webroot.
"There are days when we see 1,000 or more new samples," he said.
"It's a low-effort high-frequency type threat," he said. "There's no completely ground-breaking new stuff out there."
He added that hi-tech criminals were adopting several tactics to avoid being spotted by anti-virus programs which try to spot the "signature" of each malicious program they know about.
"Anti-virus relies on customers to submit samples," said Mr Eschelbeck, "but with spyware you typically do not get samples because your customers do not know they are infected."
Increasingly, security firms have turned to new techniques to combat the rise in malware variants. Some use heuristics, or rules of thumb, to spot programs that are similar rather than identical to the ones they have seen before.
Others are using behaviour blockers that shut down any program that shows malicious intent.
Source: http://news.bbc.co.uk/2/hi/technology/7232752.stm
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment