IT threat to UK firms still evolving

Tuesday, 15 April 2008

The nature of the malware threat is changing, with writers becoming increasingly sophisticated at concealing their activities.

Malware is software designed to infiltrate or damage a computer system without the owner's informed consent. Malware should not be confused with defective software, that is, software which has a legitimate purpose but contains harmful bugs.

The number of UK companies reporting malware infection is down by 60 per cent compared with two years ago, partly because of improved anti-virus controls. Yet, for two-thirds of the companies affected, malware caused their worst information security breach of the year, with some being penetrated by hackers, others losing confidential data and some acting as spam relays. Spyware accounted for a sixth of the worst infections.

These are among the early findings of the 2008 Information Security Breaches Survey (ISBS) carried out by a consortium led by PricewaterhouseCoopers on behalf of the Department for Business, Enterprise & Regulatory Reform (BERR).

Less direct damage

After the significant business disruption caused by viruses, worms, Trojans and spyware (collectively known as malware) in the early 2000s, this year’s survey shows that malware is causing much less direct damage than in the past. Only 14 per cent of UK companies reported a malware infection last year, down from 35 per cent two years ago when the last ISBS survey was carried out. Even among very large businesses, less than half had an infection last year.

According to the ISBS report, it appears that there are three main reasons why fewer malware infections are being reported.

Corporate anti-virus defences have significantly improved. Almost every company has anti-virus software, and 95 per cent scan incoming emails for viruses. Roughly 98 per cent have software to scan for spyware, a big improvement on two years ago, when only three quarters did so.

Most minor virus infections no longer register in the same way as they did. They are no longer considered security breaches but as events dealt with by routine controls.

Worst security incident of any kind

The nature of malware itself – infection used to be the end goal, but is now just the first stage in enabling more lucrative attacks by hackers. As a result, malware now seeks to remain undetected. Spyware now accounts for one in six of the worst infections.

Despite the lower levels of infection, it would be a mistake, however, to assume that the malware threat is extinguished. For two thirds of companies that had a virus infection, it was their worst security incident of any kind in the year. Malware infections were particularly damaging in the telecommunications sector.

Systems vulnerable to attack

Chris Potter, a partner at PricewaterhouseCoopers, said that if there was one area of security where UK plc has really got the message, it was virus protection. He warns, however, that there remain some serious challenges.

Companies now seem to be slower to install operating system patches than they were in 2006. Delaying patches can leave systems vulnerable to attack. On the other hand, rolling out patches instantly, without testing them first, can lead to systems instability.

“It’s important that companies strike the right balance here – risk assessment is essential,” Potter added.

Motivation has changed

Dr. Guy Bunker, Chief Scientist at Symantec Corporation, one of the consortium members responsible for the survey, said that while the results of the survey were encouraging, it was clear that the battle between malware writers and companies continues unabated.

He added that recent research showed that there are over a thousand new malicious threats appearing each day. He concluded, therefore, that the battle is still on, although it has changed from being obvious and high-profile to silent and obscure but just as lethal.

“The motivation of malware writers has changed. Law enforcement in this area has improved around the world. As a result, the kudos derived from writing a disruptive worm to gain notoriety is outweighed by the personal consequences,” he said.

“Motivated by the money involved, organised crime is employing malware writers to write 'stealthy' code that seeks to obtain confidential information or open security holes which can be exploited for financial gain,” Bunker concluded.