ScanSafe Global Threat Report Reveals Malware on Infected Websites Remaining Active...

ScanSafe Global Threat Report Reveals Malware on Infected Websites Remaining Active Longer

  Compromised Websites Hosting Zero-Day Malware Remain Live 61 Days,
     Leaving Many Using Traditional Anti-Virus Updates Vulnerable
LONDON & SAN MATEO, Calif.--(Business Wire)--
ScanSafe, the pioneer and leading provider of Web
Security-as-a-Service, today released the results of a study of more
than 80 billion Web requests it scanned and 800 million Web threats it
blocked in 2007 on behalf of corporate customers in more than 50
countries across five continents. It represents the world's largest
security analysis of real-world corporate Web traffic.

   Among the study's key findings, Web threats including viruses,
Trojans, password stealers and other forms of malware are becoming
more prevalent, increasing numbers of legitimate sites are unknowingly
hosting malware and compromised sites are remaining infected
longer--in some cases more than two months.

   "The numbers speak for themselves," says Mary Landesman, senior
security researcher, ScanSafe. "Not only has there been a significant
increase in known malware, but on average, zero-day or 'new' threats
accounted for 21 percent of all the malware ScanSafe blocked. Further,
this malware is remaining active on sites for weeks and in some cases
months, leaving users exposed and representing a huge window of
opportunity for cyber criminals."

   Malware on the Web Up 61 Percent and Zero-Day Threats Account for
21 Percent of All Web Malware

   ScanSafe's analysis found a 61 percent increase in malware during
the second half of 2007. Twenty-one percent of all the malware blocked
by ScanSafe in 2007 was zero-day malware--new malware for which there
is no existing patch or anti-virus signature--leaving businesses
relying on signature updates vulnerable to exposure.

   The most frequently encountered malware is designed to steal
passwords and other sensitive financial information from bank accounts
and even online games--putting corporate and personal financial
information at greater risk and opening businesses to legal liability
and compliance risks. In particular, the most frequently blocked final
stage malware were password-stealing Trojans targeting online gamers.
Online gaming while at work, once thought to be just a productivity
drain, is now a significant security risk. Quite often, game-targeting
Trojans also harbor a backdoor or key logging feature that exposes
other sensitive data unrelated to gaming.

   Malware-Infected Websites Remain Live Longer, Increasing Risk of
Exposure to Attack

   There has been a significant increase in the amount of time a site
is delivering malware (also known as `time to life' or 'TTL'):

   --  In the second half of 2007, malware on infected sites remained
        live for an average of 29 days, a 62 percent increase from 18
        days during the first half of the year.

   --  Zero-day threats have an even longer shelf life once they
        compromise a website. Websites infected with zero-day malware
        remained live an average of 61 days in the second half of
        2007, up 190 percent from 21 days during the first half of
        2007.

   --  The average TTL for all malware blocks over the course of the
        year was 24 days.

   The report also notes that the complex network of advertising
providers and advertising affiliates has made it increasingly easier
for attackers to surreptitiously insert malicious advertising. One
rogue partner and a large number of sites can begin delivering
malware, potentially exposing millions. In 2007 several high profile
sports sites unwittingly served malicious ads, including the websites
for the National Hockey League, Major League Baseball, TheSun.co.uk,
MySpace.com and PhotoBucket.com.

   A full copy of the report is available at
http://www.scansafe.com/annualgtr2007.

   About ScanSafe

   ScanSafe is the largest global provider of Web
Security-as-a-Service, ensuring a safe and productive Internet
environment for businesses. ScanSafe solutions keep viruses and
spyware off corporate networks and allow businesses to control and
secure the use of the Web and instant messaging. As a fully managed
service, ScanSafe's solutions require no hardware, upfront capital
costs or maintenance and provide unparalleled real-time threat
protection. Powered by its proactive, multilayered Outbreak
Intelligence(TM )threat detection technology, ScanSafe scans more than
8 billion Web requests and blocks 80 million threats each month for
customers in over 50 countries.

   With offices in London and San Mateo, California, ScanSafe is
privately owned and financed by Benchmark Capital and Scale Venture
Partners. The company received a 2007 CODiE award for Best Software as
a Service Solution, the 2007 SC Magazine Europe Award for Best Content
Security Solution and was named one of Red Herring's Top 100
Technology companies. For more information, visit www.scansafe.com.

In the U.K.
Six Degrees
Amanda Hassall, Office: +44 (0) 1628.480280
Mobile: +44 (0) 7855.359889
Email: mandy.hassall@sixdegreespr.com
or
In the U.S.
ScanSafe
Sheila O'Neill, Office: +1-650-294-3463
Mobile: +1-303-324-7310
Email: sheila.oneill@scansafe.com
or
Schwartz Communications, Inc.
Kim Angell, Office: +1-415-512-0770
Email: scansafe@schwartz-pr.com

Copyright Business Wire 2008