A new study done by Sophos estimates that the total number of unique malware samples in existence now exceeds 11 million and suggests that most attacks are now designed to try and out-fox traditional security systems such as email-scanning.
According to the security company, the first half of 2008 saw an explosion in threats spread via the web, the preferred vector of attack for financially-motivated cybercriminals. On average, Sophos detects 16,173 malicious webpages every day - or one every five seconds, three times faster than the rate seen during 2007.
Over 90 % of the webpages that are spreading Trojan horses and spyware are legitimate websites, some belonging to household brands and Fortune 500 companies that have been hacked through SQL injection.
SQL injection attacks exploit security vulnerabilities and insert malicious code into the database running a website. Companies whose websites have been struck by such an attack often clean-up their database, only to be infected again a few hours later. Users who visit the affected websites risk having their computer taken over by hackers, and their personal banking information stolen by identity thieves.
Sophos has identified that the number one host for malware on the web is Blogger (Blogspot.com), which allows computer users to make their own websites easily at no charge. Hackers both set up malicious blogs on the service, and inject dangerous web links and content into innocent blogs in the form of comments. Blogspot.com accounts for 2 % of all of the world's malware hosted on the web.
The report also revealed that thousand of webpages belonging to Fortune 500 companies, government agencies and schools have been infected, putting visiting surfers at risk of infection and identity theft. High profile entertainment websites such as those belonging to Sony PlayStation, Euro 2008 ticket sales companies, and UK broadcaster ITV are amongst the many to have suffered from the problem.
Sophos experts noted that with the continuing popularity of Web 2.0 social networking sites, including Facebook and LinkedIn, among business users, cybercriminals who have already gained access to user profiles, may begin to use these as corporate directories, noting new employees and launching spear-phishing attacks specifically aimed at stealing information from new and unsuspecting members of staff.
“Businesses need to bite the bullet and take better care of securing their computers, networks and websites. They not only risking having their networks broken into, but are also putting their customers in peril by passing on infections,” said Graham Cluley, senior technology consultant at Sophos.
“But office workers must realise it’s not just the business fat cats who need to worry about this. Visiting an infected website from your work PC, or sharing too much personal or corporate information on sites like Facebook, could lead to you being the criminal’s route into your company.”
To guard against this risk, Sophos recommends all organisations to ensure employees are fully educated about the dangers of posting too much information on these sites, and of accepting unsolicited friend requests.
Another trend that the report picked up on was that although most attacks are now taking place via infected websites, email continues to present a danger.
Sophos said it is common for cybercriminals to spam out links to compromised websites, often using a subject line and message to tempt computer users into clicking through the promise of a breaking news story or a lewd topic.
The study did note that attacks via email file attachments, however, have reduced in 2008. Only one in every 2,500 emails examined in the first six months of 2008 was found to contain a malicious attachment, compared to one in 332 in the same period of 2007.
The Pushdo Trojan dominated the chart of most widespread malware spreading via email, accounting for 31 per cent of all reports. Pushdo has been spammed out during the year with a variety of disguises. Some for example, have claimed to contain nude photographs of Hollywood stars Nicole Kidman and Angelina Jolie.
The Sophos Security Threat Report examines existing and emerging security trends and has identified that criminals are increasingly using creative new techniques in their attempt to make money out of internet users. |
