Malware Record Set in 2009, Says PandaLabs

PandaLabs predicts 2010 will be worse as social Web apps, Windows 7 become prime targets.

by / February 1, 2010

CIOs had better hold onto their networks, because 2010 may be a bumpy ride, at least according to some eye-opening data compiled by Panda Security, an anti-malware developer. 2009 was rough, but this year malware will run rampant across the Windows 7 operating system and many social networking applications that will undoubtedly increase in popularity, according to PandaLabs, the company's research arm.

"Looking from 2008 to 2009, the changes we've seen in the threat landscape really have been centered around the financial motivation and cyber-crime. And that's primarily why we're seeing such a huge increase in new malware samples," said Sean-Paul Correll, a Panda threat researcher. "In 2009 we received 25 million malware samples coming into our laboratories, and that's a huge change because in our 20 years of existence, subtracting 2009, we've only received a total of 15 million, so that's a pretty big jump for just one year."

PandaLabs released a 2009 Annual Report in January 2010 disclosing data collected between January and November 2009. The company's Collective Intelligence system collects and analyzes malware data across the Internet. Researchers predicted that 2009 would see lots of growth in malicious code, but the number and frequency of malware strains exceeded those expectations. According to the report, the company receives 55,000 new samples every day.

Spam accounted for 92 percent of all e-mail worldwide. The top three recipients of the unwanted mail were the automotive, electrical and government sectors with e-mail-borne malware ratios of 99.89, 99.78 and 99.60 percent, respectively.

Trojans accounted for 66 percent of the samples, and adware accounted for 17.62 percent. Criminals preferred social networking channels like Facebook, Twitter and YouTube to disseminate the code.

"Cyber-criminals have basically found ways to get around traditional antivirus technology," Correll said.

The countries with the most infections were Taiwan at 62.2 percent, Russia at 56.8 percent and Poland at 55.4 percent in 2009. The United States was ninth at roughly 50 percent. Sweden was the least infected at 31.6 percent.

In better news, user might not have to worry too much about their phones. Company data says that 2010 won't be a big year for mobile phone-targeted attacks. Cell phone platforms are too numerous and different for criminals to develop harmful code for devices en masse the way they can for PCs with ubiquitous operating systems and technologies that can be used to reach multiple victims more easily.

And the company also predicts that cloud-assisted real-time anti-malware protection will be what companies use to fight malicious code in the future.

"Moving toward the cloud is just the next step in the evolution to making sure that we can protect our customers quickly enough, because really, it only takes a second to reintroduce a new infection into a network, and that can create havoc and financial data can be stolen," Correll said.


Hilton Collins

Hilton Collins is a former staff writer for Government Technology and Emergency Management magazines.