Waiter, There's Malware in My Soup!
Based on the information collected by SophosLabs--which included receiving "approximately 20,000 new samples of suspect software every single day"--Sophos crunched the numbers on online security risks and came up with some pretty scary statistics, including the following:
- A newly infected Webpage is discovered every five seconds
- A new spam-related Webpage is discovered every 20 seconds
- There are currently over 11 million different malware threats in existence
- Presently, the biggest malware threat is from SQL injection attacks against Websites
- The top host for malware is Blogspot.com
The report explains that "one of the reasons the web is so popular with attackers is that innocent sites can be compromised and used to infect large numbers of victims." These attacks target not only visitors to the sites, but often target the sites themselves via SQL injection attacks. Earlier this year the RIAA's site was hacked via SQL injection, as was Kaspersky's Malaysian site only a few days ago. More than half of the affected Web server software during the first half of 2008 were Apache servers.
| Credit: Sophos|
Microsoft Windows is the most prolific platform and therefore is the most frequently targeted for malware. But Sophos is seeing a growing trend of malware targeted at other platforms, such as the Mac OS, Linux OS, the iPhone, cell phones, and even social-networking sites. As users are less accustomed to encountering malware on these other platforms, they are far less likely to takea proactive approach to protect themselves from potential malicious attacks.
The stakes are high; much of the malware is designed to gain access to data and resources that enable cyber criminals to generate income from illegal activity such as identify theft and DOS attacks. Our coverage here only skims the surface of the depth that the report covers--follow the link below to see the full report (requires free registration).