F-Secure reports malware growth at a higher level than ever before

[Simon]

Amount of malware reaches 900.000 in the end of June 2008
Jun 24, 2008

(Helsinki, June 24th, 2008) In its 2008 first half data security summary, F-Secure reports malware growth rate at a higher level than ever before. This recent explosion of malware doesn't necessarily represent new types of threats. It is largely the packing, encryption, and obfuscation of existing families of trojans, backdoors, exploits, and other threats which is now done with industrial efficiency. What the increasing use of self-defense technologies in malware represents is the ever growing professionalism within the crime-ware community.

"I have a nasty feeling that the situation is getting worse, not better", says Mikko Hyppönen, Chief Research Officer at F-Secure Corporation. "However, we're not giving up either."

The first half of 2008 has witnessed a growing number of targeted malware attacks on individuals, companies, and organizations. In a targeted malware attack, the attacker profiles his victim and sends an e-mail using the recipient's name, title, and perhaps references to his job function. The message's content is typically something that the recipient would expect to receive via e-mail.

Targeted malware attacks are also being used for political and military motives. During the recent clashes between Tibetans and the Chinese military, the battles on the streets were accompanied by political espionage on the Internet. Human rights groups, pro-Tibet organizations and individuals supporting the freedom of Tibet were attacked with a carefully targeted and technically advanced e-mail campaign that attempted to infect their computers in order to spy on their actions.

Additionally the first half of 2008 brought some new ways to infect PC's, as well as "jailbreaking" for mobile phones. The full 2008 first half data security wrap-up is available at http://www.f-secure.com/2008/

http://www.f-secure.com/f-secure/pressroom/news/fsnews_20080624_1_eng.html

[Sebby]

Unfortunately, it seems that malware applications move one step ahead, and the malware authors move two! Users need to be more educated, but I can't see that happening.

[Rik]

I can see this becoming a marketing ploy for ISPs - "a safer internet connection", where they invest in the best hardware and software protection, and sit it between their customers and the 'net. It was certainly a lot more relaxed experience when I first connected.

[Gary]

There seems to be a new approach to AV on the horizon using white listing, bit9 have a massive data base and Kaspersky have used that in their new product, but the new idea is to have malware signatures on a central server not your pc then the av will be able to contact the server and this could bring the response time down to 15 minutes for new malware updates maybe less, Trend Micro are going to try this approach read about it here

[Rik]

I think it would be a bit like driving without a seatbelt. 

[Gary]

I think it would be a bit like driving without a seatbelt. 

It could work though Rik, as the data base of malware and generic signatures rises it may be the only way, Kaspersky has a database of over 1 million malware samples now, eventually something needs to be changed I am guessing, maybe its the start of that dumb terminal idea but using AV's as the first step

[Simon]

Looks interesting, Gary, but I still think I'd like some local protection.  I was amused by the comment regarding Norton 2009, which said:

The products are also not scanning each and every file. Instead, the 2009 products will be building a trust index — that is, the application will declare certain files (photos or MP3s, for example) clean and then not scan them again unless the files change.

Weren't Kaspersky doing this at least 2 versions ago?   

[Gary]

Yes they were, seems every Norton has cottoned on to that idea somehow now Simon I agree though I would like some local protection as well.

[Rik]

It could work though Rik, as the data base of malware and generic signatures rises it may be the only way, Kaspersky has a database of over 1 million malware samples now, eventually something needs to be changed I am guessing, maybe its the start of that dumb terminal idea but using AV's as the first step

I would just feel safer not relying on a remote server, Gary.

[Gary]

I would just feel safer not relying on a remote server, Gary.

I know what you mean Rik, Servers do fall as we know , but we are in danger of being swamped with malware at some point, so maybe use both, so if you have something suspicious but heuristics and signatures don't help it pings the server for an update straight away

[Rik]

That would work for me, Gary. 

[Gary]

That would work for me, Gary. 

Ok so what's our companies name

[Rik]

Mates? 

[Gary]

Mates? 

[Rik]

 

[Inactive]

Mates? 

Dare I ? ..no best not.. 

[Rik]