Sophos Security Threat Report 2009

By: Absolute Team | 12/15/2008

Sophos has published its Security Threat Report 2009 [PDF], which examines the threat landscape from the last 12 months and tries to predict emerging cybercrime trends for 2009.

As the third-quarter Sophos report indicated earlier, the U.S. led the way in malware. More malware was hosted on U.S. websites (37%), and more spam was relayed from U.S. computers (17.5%), than for any other country. When one U.S. company accused of collaborating with spammers and hackers disconnected from the Internet in November 2008, spam went down by 75%.

"Not only is the USA relaying the most spam because too many of its computers have been compromised and are under the control of hackers, but it's also carrying the most malicious webpages." - Graham Cluley, senior technology consultant for Sophos

Graham goes on to say that U.S.-based computers are making a "disturbingly large contribution to the problems of viruses and spam" today. The report also indicated that most malicious code is now found on innocent websites, mainly because corporations have secured their email gateways to prevent attacks and spam (though one in every 714 email messages contains a malicious email attachment).

Highlights from the study:

  • Biggest malware threats – SQL injection attacks against websites and the rise of scareware
  • New web infections – 1 new infected webpage discovered every 4.5 seconds
  • Malicious email attachments – 5x more at the end of 2008 than at the beginning
  • Spam-related webpages – 1 new webpage discovered every 15 seconds
  • New scareware websites – 5 identified every day
  • Amount of business email that is spam – 97%

The report indicates that 2009 will see growing attacks on Mac computers and cross-platform software, as well as mobile devices such as the iPhone and Google Android. The report expects data leakage to be a larger concern in 2009, especially given the use of mobile technologies, from laptops to thumb drives to phones. As Sophos notes, the problems are not insurmountable:

"Sound security practices, up-to-date protection and an active commitment to keep informed can all help defend business networks in the year ahead."

In other news, the Pentagon has banned the use of thumb drives because of a virus threat detected on defense networks. I was kind of hoping it was to prevent data breaches, but perhaps this will force the government to update their security policy to be more comprehensive of new data devices - be they thumb drives or iPhones.
