New Sophos Security Report Reveals Cybercriminals Moving Beyond Microsoft
* Reuters is not responsible for the content in this press release.
Mac Users Targeted by Financially-Motivated Hackers for the First Time
BOSTON--(Business Wire)--IT security and control firm Sophos has published its Security
Threat Report 2008, examining the threat landscape during the previous
12 months and predicting emerging cybercrime trends for 2008. The
report reveals that in 2007 organized criminal gangs for the first
time arrived at Apple's doorstep with the intention of stealing money.
With proof that hackers are extending their efforts beyond Windows,
Sophos is warning computer users of all operating systems not to be
complacent about security.
Sophos experts note that malware for Macs has been seen before,
but until recently, organized criminal gangs have not felt the need to
target Mac users when there are so many more poorly protected Windows
PCs available. However, late 2007 saw Mac malware not just being
written by researchers demonstrating vulnerabilities or showing off to
their peers, but by financially-motivated hackers who have recognized
there is a viable and profitable market in infecting Macs alongside
Windows PCs. For example, many versions of the malicious OSX/RSPlug
Trojan horse, first seen in November 2007, were planted on websites
designed to infect visiting Apple Mac computers for the purposes of
phishing and identity theft.
"Cybercriminals have begun to notice a trend in consumers'
attraction toward Apple Macs during the last year," said Mike Haro,
senior security analyst at Sophos. "This trend has led to a number of
viruses and malware created by hackers for the purpose of attacking a
growing number of consumers who purchase Mac computers. Mac users need
to be aware that while the threats that exist right now are few in
number, they still need to take adequate measures to protect
themselves."
Sophos experts are now discovering 6,000 infected webpages every
day - one every 14 seconds. Eighty-three percent of these webpages
actually belong to innocent companies and individuals, unaware that
their sites have been hacked. Websites of all types, from antique
dealers to ice cream manufacturers to wedding photographers, have
hosted malware on behalf of virus writers.
Cybercriminals can target any computer user by spamming out emails
containing links to the poisoned webpages and directing unsuspecting
victims to the malicious code. The website can determine if the
visiting computer is a Mac or a PC, delivering malware custom-written
for the surfer's operating system.
WI-FI PRESENTS CYBERCRIMINALS WITH MORE AVENUES TO EXPLORE
As computer users wise up to traditional malware attacks, such as
email-borne worms, Sophos's Security Threat Report 2008 also reveals
that the wider use of new mobile technologies and Wi-Fi enabled
devices, like Apple's iPhone and iPod Touch, may be opening new
vectors of attack for hackers. Flaws have been found in the mobile
email program and Safari browser installed on these devices. While
uptake remains limited, cybercriminals seeking large returns are
unlikely to exploit these avenues on a major scale in the near future.
However, as personal Wi-Fi devices grow in popularity, the risks will
no doubt increase. Sophos experts also note that low-cost
ultra-mobile PCs, such as the popular Linux-based ASUS EEE laptop, are
likely to gain the attention of the cyber underworld as sales continue
to grow.
"Purchasing the newest technologies does not guarantee that your
smartphone or laptop is completely immune to spyware and malware
attacks," said Haro. "Any technology with an internet connection is a
potential target for cybercriminals looking to exploit users for
financial gain. Those with Wi-Fi connections need to make sure that
they are taking the appropriate steps to password-protect and secure
their connection."
STATE-SPONSORED CYBERSNOOPING AND CYBERCRIME CLAIMS PREDICTED TO RISE
During 2007, it became more common for countries to openly accuse
each other of engaging in cybercrime, despite the fact that it can be
extraordinarily difficult to prove where an attack originated and
whether it is government-sponsored or the work of a lone hacker acting
independently.
In April 2007, a large-scale distributed denial-of-service (DDoS)
attack against websites in the Baltic state of Estonia was blamed on
Moscow, while in December 2007, it was revealed that MI5, the British
secret service, believed that the Chinese government was behind
electronic espionage against British firms designed to give China a
commercial advantage. However, neither claim has been proven.
"While there is no evidence of state-sponsored cyberspying, 2008
will likely see an increase in accusations toward other governments,"
said Haro. "Determining the exact source of these attacks is becoming
increasingly difficult as hackers have become better at covering their
tracks. For this reason, government agencies need to ensure that they
prevent hackers from having an opportunity to infiltrate their
computer systems."
MAL/IFRAME REMAINS DOMINANT MALWARE THREAT IN 2007
Web threats continued to be the preferred vector for malware
attack in 2007.
The top 10 list of malware found on the web in 2007 reads as
follows:
Rank  Malware       Share
1     Mal/Iframe    53.3%
2     Mal/ObfJS      9.8%
3     Troj/Decdec    6.6%
4     Troj/Psyme     6.2%
5     Troj/Fujif     5.8%
6     JS/EncIFra     3.9%
7     Troj/Ifradv    2.4%
8     Mal/Packer     1.2%
9     Troj/Unif      1.0%
10    VBS/Redlof     0.8%
      Others         9.0%
CHINA IS THE NUMBER ONE COUNTRY HOSTING MALWARE IN 2007
In 2006, China was responsible for hosting just more than 30
percent of all web-based malware and held second place after the U.S.
However, in 2007 this position was reversed with China hosting more
than half of all infected webpages.
The top 10 list of malware-hosting countries in 2007 reads as
follows:
Rank  Country          Share
1     China            51.4%
2     United States    23.4%
3     Russia            9.6%
4     Ukraine           3.0%
5     Germany           2.3%
6     Poland            0.9%
7     United Kingdom    0.7%
8     France            0.7%
9     Canada            0.7%
10    Netherlands       0.7%
      Others            6.6%
"China continues to top the charts every month, leading all others
by a substantial margin in countries hosting malware. While all
countries need to do their part in preventing the spread of spam and
viruses, China needs to step up its efforts in preventing the spread
of threats," explained Haro.
For more information, including statistics on email threats,
detection techniques and spam-relaying countries, please download the
Sophos Security Threat Report 2008 from:
www.sophos.com/securityreport2008.
A journalist-specific edition of the report is available at
www.sophos.com/secrep2008.
About Sophos
As a global company, Sophos provides solutions that enable
enterprises to secure and control their IT infrastructure. Sophos's
network access control and endpoint solutions simplify security to
provide an integrated defense against malware, spyware, intrusions,
unwanted applications and policy abuse. Sophos complements these
solutions with innovative email and web security products that filter
traffic for security threats, spam and policy infringements.
With over 20 years of experience, Sophos's reliably engineered
security solutions and services protect more than 100 million users in
over 140 countries. Recognized for its high level of customer
satisfaction, award-winning channel program, and powerful yet
easy-to-use solutions, Sophos has an enviable history of industry
awards, reviews and certifications.
Sophos is headquartered in Boston, MA and Oxford, UK. More
information is available at www.sophos.com.
Racepoint Group
Heather Ailara, 781-487-4650
hailara@racepointgroup.com
or
Sophos
Jennifer Torode, 781-494-5885
jennifer.torode@sophos.com
Copyright Business Wire 2008