Security threats Toolkit

Virus attacks fall

Tags:
Viruses

Tom Espiner ZDNet.co.uk

Published: 03 Oct 2005 17:55 BST

The number of viruses swilling around the Internet declined in September, according to two reports issued on Friday.

Virus-laden emails dropped from 2.01 percent of all email in August, to 1.75 percent in September, the lowest level this year, according to email security company BlackSpider Technologies.

Security company Sophos also reported a drop in the number of infected emails -- the fifth in successive months. Sophos's research found that 1.53 percent, or one in 65 emails circulating in September, was viral.

Netsky.P topped the Blackspider virus chart for the seventh successive month, accounting for 24 percent of all viruses detected in September.

Sophos has seen a rise in Netsky.P incidences, and reported that this virus rose in prevalence from 14.7 percent to 18.6 percent of all viruses. Netsky.P also continued to head up the Sophos top ten.

Netsky.P spreads via email and Internet file-sharing systems, and tries to tempt PC users into launching an infected file, according to Sophos. The worm was written by German teenager Sven Jaschan, who received a 21-month suspended sentence on 8 July.

Netsky.P was first detected nineteen months ago. Sophos reported that the average age of the top ten viruses is eight months, which demonstrates to the company that "a large number of users are still being complacent about installing and updating their virus protection."

"Businesses and home users alike have had nineteen months to update their software, but an alarming number obviously still have not got round to it," said Sophos senior security consultant, Carole Theriault, in a statement.

This also supports the findings of a recent Sophos survey, which claimed that 79 percent of IT professionals believe employees are putting their organisations at risk by failing to act safely online.

Both reports highlight the changing nature of the security threat landscape.

Blackspider reports that incidences of zero-day malware (sent before a patch is released) have almost doubled since August, with 10 new variants of the Bagle virus featuring in the most common zero-day malware sent.

Sophos also saw a drop in mass-mailed attacks, with a growing number of targeted threats being written for financial gain.

"Smaller, targeted attacks are on the increase, with the emergence of a new breed of financially-motivated online criminal. The concern is that if users continue to combine unsafe computing practices with outdated threat protection, they'll be a soft target for this new form of attack," Theriault warned.

"Not only must firms ensure that they keep their virus, spyware and spam protection updated, but IT managers have to start enforcing strict security policies to ensure employees don't jeopardise that protection through reckless online behaviour," added Theriault.

In order to minimise exposure to viruses, Sophos recommends that companies deploy a policy at their email gateway which blocks unwanted executable attachments from being sent into their organisation from the outside world. Companies should also run up-to-date anti-virus software, firewalls and install the latest security patches.