As Malware Bell Tolls, Time Marches On

The latest malware proliferation numbers issued by McAfee only serve to reinforce that attacks continue to grow exponentially, with researchers highlighting the fact that for cyber-criminals, business appears to remain good.

Malware distributors are keeping the pedal to the metal in accelerating the volume of attacks, driving the overall total of threats observed by McAfee’s sensor network ever higher.

Despite the fact that in 2008 the world saw previously unheard of levels of attacks pulsing across the electronic ecosystem, the security software maker contends that it saw almost as many threats over the first half of 2009 as it saw during all of last year.

Thus far McAfee’s network has filtered over 1.2 billion attack in 2009, compared to the 1.5 billion it observed during all of 2008.

McAfee AVERT Labs communications lead David Marcus noted in a related blog post that despite the lagging worldwide economy, the malware business is alive and well.

Anyone who might have assumed that the economic slowdown might be killing the cyber-crime industry is in for a rude awakening, he said.

“Global economic downturn or not, malware production continues at a record-setting pace because this is how many cyber-criminals make their money,” Marcus said. “Even when compared to the first half of 2008, the growth is almost three times what it was.”

Rather, the malware business is producing an average of 200,000 unique attacks monthly or more than 6,000 daily, and that’s only counting each truly unique sample once, the expert points out.

If McAfee included the many more attacks that it finds using heuristics or generic fingerprinting, the number would be “mind boggling,” he said.

As new attacks and their less original counterparts continue to break records and arrive in seemingly permanent waves, there’s no signal that the threat avalanche will cease to advance through different stages or slow down.

And the biggest issue in empowering the malware tide, hapless end users, remains readily available, keeping attackers in the black, McAfee researcher François Paget wrote in a recent white paper on cyber-crime trends.

“Nine years after the ‘I love you’ virus appeared, many Internet users remain vulnerable,” Paget said. “Optimists say that users are less impulsive about double clicking on e-mail attachments and that they are beginning to be wary about unusual requests, such as a mirror site may present. This may be true, but new Internet subscribers form an inexhaustible reserve of naive people.”

The dehumanizing mob rule of attacks remains the master of our reality, despite the fact that there are larger numbers of more paranoid users, the experts said.

Apparently we’ve got an appetite for destruction.

Matt Hines has been following the IT industry for over a decade as a reporter and blogger, and has been specifically focused on the security space since 2003, including a previous stint writing for eWeek and contributing to the Security Watch blog. Hines is currently employed as marketing communications manager at Core Security Technologies, a Boston-based maker of security testing software. The views expressed herein do not necessarily represent the views of Core Security, and neither the company, nor its products and services will be actively discussed in the blog. Please send news, research or tips to SecurityWatchBlog@gmail.com.