Security Experts:

Report Reveals Cybercrime Trends, Thoughts on Cyberwarfare and Threat Predictions

Sophos Mid-year 2010 Security Threat Report

IT security and data protection firm Sophos today published its mid-year 2010 Security Threat Report. The report covers several topic areas ranging from malware, cybercrime, and spam trends to revealing the findings of a survey of attitudes toward cyberwarfare and cyber-espionage, as well as other IT security developments and statistics.Sophos 2010 Security Threat Report

Malware and Cybercrime

Cybercrime is a massive and growing industry, proving to be incredibly profitable for many, and in a weak economy, getting involved is an attractive undertaking for individuals around the world.

In the first half of 2010, Sophos received an average of 60,000 new malware samples every day, about 1 every 1.4 seconds. Considering that it’s virtually impossible for Sophos to receive every piece of malware, you can be sure cybercriminals are cranking out malware at an even faster rate than this. These figures are 50% higher than the same time last year, with Sophos receiving about 40,000 malware samples per day.

For malware distribution, the Web is still the dominant home for malware with Blackhat SEO (search engine result “poisoning”) being the current favorite method for propagation. Web servers in the U.S. hold the top spot for hosting malicious Web pages with 43% of the global total. China follows in a distant second place with 10.75% and Russia follows as the number three host of malware at 6.13%.

“The biggest issue is that a lot of these websites are legitimate ones that have been targeted by hackers – businesses could end up infecting their customers, leaving them open to fraud,” said Graham Cluley, senior technology consultant at Sophos.

Cyber Espionage and Cyberwarfare

In addition to SophosLabs’ malware and cybercrime research, the company conducted a worldwide survey, which uncovered some interesting attitudes toward international cyber-espionage and cyberwarfare. Respondents were asked questions including whether they thought spying via hacking or malware attacks is an acceptable practice and if the computer networks of private companies in other countries are legitimate targets.

• 63% of those polled believe that it is acceptable for their country to spy on other nations by hacking or installing malware (23% said yes at any time, 40% said only during wartime, 37% said no)Cyberwar Survey

• 1 in 14 respondents believe that crippling denial of service attacks against another country’s communication or financial websites are acceptable during peacetime (49% said only in wartime, 44% said never)

• 32% believe that countries should be allowed to plant malware and hack into private foreign companies in order to spy for economic advantage (23% said this was only acceptable in wartime, 9% said in peacetime, 68% said no)

The survey was conducted from April through May of this year on Sophos’ website and Facebook page. 1,077 people responded from 57 total countries – the most being from the US and UK.

In January, ‘Operation Aurora,’ a targeted attack against Google and several other companies, resulted in Google accusing Chinese hackers of cyberwarfare.

“Hacking and virus-writing began as a hobbyist activity, often designed to prove how smart the programmer was, rather than to cause serious long-term harm. It evolved into organized criminal activity, with the lure of large amounts of money and now, in 2010, it could be argued that the third motivation is using malware and the internet to gain commercial, political, and military advantage over others,” said Cluley.

The Sophos Mid-year 2010 Security Threat Report contains many more facts and figures on the latest social networking, malware, and spam threats, as well as predictions for emerging trends.

You and can download the full Sophos Mid-year 2010 Security Threat Report at: http://www.sophos.com/trmy10

view counter
For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.