Security company Sophos got the jump on year-end security reports by noting that the number of new threats loose on the Internet increased by 48 percent this year.
The Sophos report painted a picture of an Internet red in tooth and claw, claiming that unprotected computers “have a 40 percent chance of being infected by an internet worm within ten minutes, turning them into a zombie under a remote hacker’s control.”
According to the company’s “Security Threat Management Report 2005,” (PDF, 522KB) the year was characterized as one of targeted attacks from “cybercriminals” out to steal personal information from vulnerable Windows machines, the subject of all ten of the company’s reported top ten attacks.
“This huge increase stems from the escalating interest in authoring Trojans, worms and viruses shown by criminal gangs intent on making a profit. By focusing their efforts on a smaller number of victims, cybercriminals can target them with bespoke malware, increasing their chances of slipping under the security net,” said Graham Cluley, senior technology consultant at Sophos.
Accompanying the rise in malware threats, 15,907 new ones this year, was an attendant rise in virus-infected e-mail. Sophos estimated that one in every 44 e-mails sent in 2005 contained a viral payload, with that ratio climbing to one in every twelve during “major outbreaks.”
The company also took Microsoft’s Bill Gates to task for predicting that spam
will be “a thing of the past” within two years.
“As January 24 2006 approaches Sophos believes that the rumors of spam’s death have been greatly exaggerated. The threat remains alive and kicking despite the increased action against spammers and constantly improving anti-spam software,” the report reads.
Malware was also ascendant in 2005. Sophos reported that the percentage of malware being used to deliver spyware rose from 54.2 percent at the beginning of the year to 66.4 percent by the end of the year. The company said the amount of spam generated by zombie computers — machines running malware that sends spam or launches denial of service attacks — accounted for over 60 percent of spam sent globally.
“It’s no surprise that most of the top ten threats allow hackers to gain access to an infected PC, enabling them to create a zombie, steal information, and dish out their malware from under the nose of unsuspecting users,” said Cluley.