Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Malware & Threats

85 Percent of Malware Comes from the Web, 30k Sites Infected Daily, Says Sophos

In its most recent threat report, Sophos examines a wide range of topics including the problems and threats that emerged last year, and tying them into a list of predictions for 2012.

In its most recent threat report, Sophos examines a wide range of topics including the problems and threats that emerged last year, and tying them into a list of predictions for 2012.

Among the findings was that more than 30,000 websites are infected daily, and 80 percent of them are legitimate sites, not setup by cyber-criminals but hacked or injected with code to host malware. In fact, Eighty-five (85) percent of all malware, including viruses, worms, spyware, adware and Trojans, comes from the web, with drive-by downloads marked as the top web threat.

How Web Based Malware is SpreadOf the 30,000 websites that Sophos says are infected daily, 10 percent are infected with an exploit kit; in fact two-thirds of them were hijacked by the Blackhole kit itself.

According to Sophos, proactive defenses and faster detection rates helped deal with the explosive infection rate. Of the 5.5 million unique samples seen by their customers, 80 percent of them were mitigated with only 93 detection signatures. This is partly due to the fact that Web-based infections, such as those delivered by the Blackhole Exploit kit, started an upward trend last year, but the malware delivered was easily flagged.

Moreover, Sophos examined the nature of risk, both at home and the office, in its threat report.

The consumerization of IT, sometimes called “Bring Your Own Device” (BYOD), Sophos said, became one of the newer causes of data vulnerability, as employees accessed sensitive corporate information from their home computers, smartphones, and tablets.

Yet, when the users themselves were asked what the biggest threats were online, a majority of them called out the rise in malware, while others blamed themselves. Case in point, while 67 percent of the 4,300 people in the poll names malware as the largest threat, 61 percent of them also said individuals are not doing enough to protect themselves.

“As cybercriminals expand their focus, organizations are challenged to keep their security capabilities from backsliding as they adopt new technologies,” said Mark Harris, vice president of SophosLabs, Sophos.

“And as we continue to access information in different ways, from different devices in different locations, security tools must be able to ‘protect everywhere’—from desktops to mobile and smart devices and the cloud. But more importantly and oft-disregarded, cybercriminals will continue to stalk the easiest prey — security basics like patching and password management will remain a significant challenge.”

Trend wise, Sophos predicts that mobile payment services are going to be targets, as well as the fact that new Web and network technologies (HTML 5 and IPv6) can be expected to cause problems. Despite what the polled users think, Sophos suggested that 2012 will see an increase in threats that center on social media.

Finally, Sophos offers advice on one topic that seems to cause the most problems no matter what year it is:

“Security basics like patching and password management will remain a significant challenge to IT security. Keeping your devices healthy by identifying missing patches in areas commonly targeted by the bad guys will help significantly. Technologies like file and folder encryption will smooth the adoption of cloud services and new devices.”

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.

Mobile & Wireless

Apple’s iOS 12.5.7 update patches CVE-2022-42856, an actively exploited vulnerability, in old iPhones and iPads.

Cyberwarfare

Russia-linked cyberespionage group APT29 has been observed using embassy-themed lures and the GraphicalNeutrino malware in recent attacks.

Cybercrime

No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.