One New Infected Webpage Found Every Five Seconds, Reveals Latest Sophos Security Threat Report
U.S. overtakes China as country hosting most infected web pages
BOSTON--(Business Wire)--
IT security and control firm Sophos has published its latest
Security Threat Report, which looks at worldwide cybercrime during the
first quarter of 2008. The findings show a dramatic increase in
web-based threats compared to 2007 - the first three months of 2008
showed Sophos finding and blocking a new infected webpage every five
seconds, compared with one every 14 seconds last year.
U.S. Now Hosts More Malware Than Any Other Country
The top ten countries hosting web-based malware in Q1 2008:
-0-
*T
1. United States 42.0%
2. China 30.1%
3. Russia 10.3%
4. Germany 2.2%
5. Ukraine 1.7%
6. Turkey 1.6%
7. United Kingdom 1.1%
8. Thailand 1.0%
9. Czech Republic 0.9%
10. Canada 0.7%
Others 8.4%
*T
Research into which countries host the most infected web pages
shows some interesting changes since the 2007 Sophos Security Threat
Report. The United States in particular has experienced unprecedented
growth, from hosting less than 25 percent of all infected pages
overall in 2007, to almost half in the first three months of 2008.
China has demonstrated the biggest drop, from hosting more than
half of all the infected pages seen by Sophos in 2007, to just under a
third in the first quarter of 2008. Elsewhere in the chart, newcomer
Thailand was responsible for hosting 1 percent of all malware infected
web pages, while the UK hosted 1.1 percent, down from 3 percent in the
same period last year.
"The U.S. and China are no strangers to this chart, with the two
countries long holding the top two spots in this hall of shame," notes
Mark Harris, global director of SophosLabs. "However, the bottom half
of the chart remains fluid, indicating that users need to remain
vigilant."
Hacked Sites Pose Greatest Risk To IT Security
From January to the end of March 2008, Sophos identified an
average of more than 15,000 newly infected web pages each day. Most
worrying for computer users, is the fact that the majority of these
poisoned sites - 79 percent - are found on legitimate websites that
have been hacked. February saw the website of UK broadcaster ITV fall
victim to a poisoned web advert campaign which targeted both Windows
and Mac users, while in March a Euro 2008 football ticket website was
hacked by cybercriminals in an attempt to infect unwary fans. In
contrast, just one in every 2500 emails is now infected, compared to
one in every 909 in 2007.
The top ten malware found on the web in Q1 2008:
-0-
*T
1. Mal/Iframe 29.0%
2. Mal/ObfJS 27.0%
3. Mal/ZlobJS 6.7%
4. Mal/Psyme 2.6%
= 5. Troj/Decdec 2.2%
= 5. Troj/Fujif 2.2%
7. Troj/Unif 1.8%
8. Troj/Dload 1.1%
= 9. VBS/Haptime 1.0%
= 9. VBS/Edibara 1.0%
Others 25.4%
*T
The top two web threats, Mal/Iframe and Mal/ObfJS, which are
together responsible for more than half of all the online malware
found by SophosLabs, are programmed by cybercriminals to infect
websites by taking advantage of vulnerabilities. Sophos experts warn
that companies can protect their network by investing in web security
that scans a webpage for malware before granting access, while
companies need to ensure that their web servers are protected against
hack attacks.
"About 1 percent of web requests now deliver an infected page,
most of which are legitimate websites belonging to people just trying
to earn a living," says Harris.
Data Leaks Continue To Cause Embarrassment
Data leakage continues to be a major concern for organizations,
with several high profile cases of businesses losing sensitive
customer information reported during the first three months of 2008.
In March, the largest reported data breach this year involved the
credit card numbers of more than four million customers being stolen
from U.S. supermarket chain Hannaford Bros. The credit card details,
taken by cybercriminals using malware installed on servers at the
chain's branches, have already been used in approximately 1800 fraud
cases.
These incidents cause embarrassment to businesses and government
agencies and are a concern for all consumers. Sophos experts warn that
cybercriminals are now more experienced and better resourced in the
delivery of sophisticated attacks.
As well as ensuring payment card industry (PCI) guideline
compliance, Sophos reminds businesses to consider employing further
measures to make their computer systems as secure and unattractive a
target for hackers as possible. "Several PCI compliant companies,
including Hannaford's, have fallen foul of enterprising cybercriminals
in recent months," adds Harris. "With more comprehensive solutions in
place, businesses can make their data unappetizing to greedy hackers
who are only after a free lunch."
You can download a PDF of the full report from
www.sophos.com/securityrep08q1.html.
About Sophos
Sophos provides solutions that enable enterprises all over the
world to secure and control their IT infrastructure. Sophos's network
access control and endpoint solutions simplify security to provide an
integrated defense against malware, spyware, intrusions, unwanted
applications and policy abuse. Sophos complements these solutions with
innovative email and web security products that filter traffic for
security threats, spam and policy infringements.
With over 20 years of experience, Sophos's reliably engineered
security solutions and services protect more than 100 million users in
over 140 countries. Recognized for its high level of customer
satisfaction, award-winning channel program and powerful yet
easy-to-use solutions, Sophos has received many industry awards, as
well as positive reviews and certifications.
Sophos is headquartered in Boston, US and Oxford, UK. More
information is available at www.sophos.com.
CHEN PR
Kevin Kosh, 781-672-3111
kkosh@chenpr.com
or
Sophos
Jennifer Torode, 781-494-5885
jennifer.torode@sophos.com
Copyright Business Wire 2008
