Tuesday, December 25, 2007

2007 A Record Year For Malware

The explosion of malware PC users saw in 2007 is going to get exponentially worse in 2008, security researchers say.

Researchers at McAfee Avert Labs estimated that unique malware will exceed 370,000 pieces by the end of this year, constituting the largest amount of malware on record. The 60 percent increase from 2006 indicates a trend that will likely result in at least 550,000 pieces of new malware by the end of 2008, security researchers say.

This trend has been consistent for the last three years, according to a recent McAfee chart. The chart indicated that the most significant spike in malware came between 2006 and 2007, where it rose from a little more than 220,000 to 370,000 new pieces. Between 2000 and 2003, malware remained relatively constant at about 60,000 new pieces, rising incrementally until 2004, when it spiked sharply upward from a little more than 100,000 to about 175,000 new pieces at the end of 2005.

One of the reasons for these large surges of malware is due to the number of variants that attackers release every day, security researchers say. Craig Schmugar, threat research manager at McAfee Avert Labs, said that analysts have noticed that malware authors are putting more effort into evading detection while keeping a high number of machines infected.

Individuals and businesses will continue to see more bots like the Nuwar Storm Worm, which became one of the most notorious viruses of 2007 because of its ability to constantly change as it replicated itself, he said.

"Groups like Nuwar Storm Worm are constantly trying to make their threats more pervasive," said Schmugar. "If they're releasing a thousand (variants) a day, it's more of a challenge and it requires different defense strategies."

Schmugar said he anticipated that malware would continue to rise in 2008 as more attackers learned from the success of their predecessors. "People are looking to the success of others. We expect that other authors who don't have the same success may look to see what the more successful threats are doing. It stands to reason that they would model those," he said.

Also next year, attackers will also be more likely to channel increased efforts into automating malware processes, which might entail a higher upfront cost but ultimately take less involvement to produce, Schmugar said.

"Over time when there hasn't been a publicized case, the malware authors get some complacency," said Schmugar. "At some point they will defeat the purpose of so many variants and they will have to move on to other technologies.

No comments: