Category: Statistics

In their virus reports for August, software and Internet security companies said that viruses such as Netsky, Zafi and MyDoom, together with their variants, continued to dominate the charts.

“Although we have seen a small, 10 percent, decline in reports of Zafi-B since last month, this email-aware worm doesn’t look like it’s going to fade into obscurity anytime soon,” said Carole Theriault, security consultant at antivirus firm Sophos. “Protection against Zafi-B has been available for a couple of months now, and computer users need to get into the habit of updating their systems in a much more timely manner, or this nuisance will continue to dominate reports.”

Email security outsourcing firm MessageLabs said the ratio of viruses to emails passing through its servers was 1 in 14 — about the same as for July. The rate for June was one in 11.

Spam interceptions meanwhile spiralled to 100 million for August, accounting for 70 percent of all email flowing through the company’s servers. Mark Sunner, chief technical officer at MessageLabs, said the trend for viruses to be linked to spam had continued. July and August were relatively quiet for viruses, suggesting that September will be more active.

http://news.zdnet.co.uk/0,39020330,39165257,00.htm

The IT security firm notes that the Zafi-B virus continues to wreak havoc on global email. “Although we have seen a small, 10 per cent decline in reports of Zafi-B since last month, this email-aware worm doesn’t look like it’s going to fade into obscurity anytime soon,” said Carole Theriault, security consultant at Sophos. “Protection against Zafi-B has been available for a couple of months now, and computer users need to get into the habit of updating their systems in a much more timely manner, or this nuisance will continue to dominate reports.”

In spite of the arrest of the Netsky virus author, a number of variants are still affecting businesses, and Netsky.P was number two in Sophos’s top 10 chart in August. Rounding off Sophos’s top 10 list are four more variants of the Netsky virus, the MyDoom-O, Bagle-AA and Lovgate-V. Despite more than 1,200 new viruses being detected in August, not one has made it into the chart this month.

In fact, the entire top 10 is made up of viruses which have been doing the rounds for weeks, if not months,” said Theriault.

August was a particularly bad month for virus attacks. Sophos analysed and protected against 1,230 viruses in the month, which the company says “is the highest number of new viruses seen in one single month since December 2001.”

http://www.theregister.co.uk/2004/09/02/virus_life/

Spam has accounted for 38 percent of the 31 billion emails sent each day in North America in 2004, up from 24 percent in 2002, the market researcher said.

Improved content filtering and anti-spam tools will help fight the problem, as will the growing use of alternative communications means, such as video conferencing and instant messaging software.

The ever-increasing intrusion by spam is forcing users and IT staff to spend extra time and energy to identify and delete such spurious email, which can be entry points for viruses, worms and offensive content.

Email is still the most preferred form of communication — business or otherwise — over the Internet.

According to IDC, the volume of email sent annually worldwide exceeded one exabyte, or one billion gigabytes, for the first time last year. IDC researcher Mark Levitt said the biggest challenge is to use the lessons learned so far and the investments made to help screen all inbound and outbound emails without compromising worker efficiency, corporate governance and regulatory compliance requirements.

http://news.zdnet.co.uk/communications/networks/0,39020345,39165256,00.htm

According to the researchers, an unpatched Windows PC connected to the Internet will last for only about 20 minutes before it’s compromised by malware, on average. That figure is down from around 40 minutes, the group’s estimate in 2003.

The Internet Storm Center, which is part of the SANS Institute, calculated the 20-minute “survival time” by listening on vacant Internet Protocol addresses and timing the frequency of reports received there. “If you are assuming that most of these reports are generated by worms that attempt to propagate, an unpatched system would be infected by such a probe,” the center, which provides research and education on security issues, said in a statement.

The drop from 40 minutes to 20 minutes is worrisome because it means the average “survival time” is not long enough for a user to download the very patches that would protect a PC from Internet threats. The center also said in its analysis that the time it takes for a computer to be compromised will vary widely from network to network. If the Internet service provider blocks the data channels commonly used by worms to spread, then a PC user will have more time to patch.

In a guide to patching a new Windows system, the Internet Storm Center recommends that users turn off Windows file sharing and enable the Internet Connection Firewall. Microsoft’s latest security update, Windows XP Service Pack 2, will set such a configuration, but users will have to go online to get the update, opening themselves up to attack.

One problem, experts say, is network administrators’ reliance on patching and their assumption that users will quickly patch systems. Speaking recently at the Microsoft TechEd developer conference in Amsterdam, Microsoft security consultant Fred Baumhardt said the day is likely to come when a virus or worm brings down everything. “Nobody will have time to detect it,” he said. This shows that patch management is not the be-all and end-all.”

http://news.com.com/Study%3A+Unpatched+PCs+compromised+in+20+minutes/2100-7349_3-5313402.html?tag=cd.lede

Computer security has evolved from being purely the domain of IT resources to the point now where even the board of a company take an interest. This growing concern about security has come about as the internet has emerged to be a ubiquitous business tool.

When the CSI and FBI started performing this survey in the mid-1990s, computer security concerns largely centred on technical issues such as encryption, access controls and intrusion detection systems. By 2004, the ninth annual survey indicates that companies are becoming more concerned with the economic, financial and risk management aspects of computer security in addition to the purely technical aspects. This indicates the greater importance that is being placed on security by senior management in organisations.

Overall, the 2004 survey indicates that the frequency of successful attacks against corporate information systems is decreasing – and has been in steady decline since 2001. In fact, only 53 per cent of respondents indicated that they had experienced unauthorised use of their computational systems in the past year, which is the lowest level since 1999. Over the past year, there has been a dramatic drop in reports of system penetration, insider abuse and theft of intellectual property.

This is a substantial change from last year’s survey, when 80 per cent of respondents reported insider abuse of networks to be the most common form of attack or abuse and indicates that security implementations are having some level of success in stopping these attacks. Even though 99 per cent of organisations surveyed are using anti-virus technology, virus attacks were cited as the most common form of security incident, affecting 78 per cent of respondents.

Further, virus attacks are contributing the most in terms of financial loss stemming from security incidents owing to the emerging threat of virus attacks being combined with denial of service attacks – costing companies more than double in monetary terms than any other type of security breach reported.

The next most costly forms of attack are theft of proprietary information, insider abuse of networks and the newly emerging threats of abuse of wireless networks.

For the first time, the survey asked respondents whether or not they conduct security audits of their information networks to look for vulnerabilities in a proactive manner.

One further new area was examined in the 2004 computer crime and security survey – that of the impact of regulation, specifically Sarbanes-Oxley, on the information security activities of companies. Corporate governance has been on the lips of corporate executives for the past year, and high-profile court cases have begun to hand out strict jail terms for transgressors. But, surprisingly, only among executives from the financial services, utilities and telecommunication industries did the majority state that Sarbanes-Oxley had affected their information security activities.

http://www.theregister.co.uk/2004/08/05/fbi_security_stats/

The poll of 1,240 British businesses found employee misuse of technology topping the reasons for security breaches, with 50 per cent of businesses having problems.

The second highest cause, at 45 per cent, was poorly updated antivirus software.

Only 18 per cent of organisations attributed problems to their own security policies.

The survey kicks off a year-long education campaign aimed at British business by security vendor McAfee, involving seminars and guide books aiming to inform on best practice. “Business perceives humans as the weakest link in security,” explained Sal Viveros, SME director for McAfee. “Companies aren’t taking the initiative to educate employees about the risk of certain activities, like file sharing with peer-to-peer [P2P] software. It’s a duty of every company to make sure their IT environment is safe for its employees and others to access.”

Although 75 per cent of companies have put procedures in place, two thirds of them believe staff have downloaded music and over half believe the same for instant messaging applications or multimedia software.

Professor Neil Barrett, who teaches IT security at Cranfield University, has firm views on such applications. “Any company with employees running P2P software is at risk,” he warned. “People shout and scream about applications like instant messenger being security threats but anything that, by design, downloads unchecked software onto a work PC is just an atrocious security risk.”

The survey also found that less than half of those surveyed were using any kind of anti-spam technology, and less than a quarter had intrusion prevention systems in place.

http://www.vnunet.com/news/1157129