Secure Computing Corporation, a leading enterprise gateway security company, announced an increase in web borne malware attacks that are financially motivated, in a report outlining the top threats worldwide that afflicted enterprise and home users in the first half of 2007.
The report first identified that information-stealing threats and backdoor threats continue to be the greatest threats, and are on the rise. Statistics show that this has been the predominant method by which attackers have impacted enterprises and home users.
Information-stealing malware now accounts for approximately 10% of all the threats tracked; this up from 8% in January. The report also shows an anticipated ongoing trend from malware directly attached to emails, towards messages that link to Web-hosted malware.
Trojans continue to dominate the malware scene, accounting for nearly 63% of all newly-discovered variants. This is also up from 58% in January. And, Windows Executable Files remain the most popular vector for distributing new attacks.
The report also revealed that spyware infestations and phishing are on the rise as attackers revert to “quieter” (fewer but more targeted) attacks intended to steal personal or financial information. Gartner also states that financially-motivated targeted attacks using undetectable professional-grade malware are projected to have infected 75% of enterprises by the end of 2007.
Today’s adware is now more often categorized as surveillance-driven spyware, or programs that are dropped onto a user’s system and installed without their knowledge. In addition, spam linking to exploit sites where spyware is installed has also become an increasing issue among consumers.
“Blended threats such as spam emails carrying links to malware-hosting websites indicate the increased sophistication of content-borne attacks,” said Chenxi Wang, principal analyst, Security and Risk Management for Forrester Research. “To better protect themselves, users should consider deploying a solution that is capable of cross-channel analysis and reputation assessment for both email senders and URLs.”
“Today’s threats are faster and more complex than ever. Secure Computing’s reputation-based web gateway security solutions are optimally positioned to protect customers from phishing, malware, and blended threats,” said Sami Mulla, Regional Sales Director –
In an effort to address new threats, Secure Computing researchers recommend that both enterprises and consumers assure their software and patches are up-to-date, and that they implement a multi-layered approach to proactively detect and block attacks.
