A generic background image tangentially related to the post

Reports highlight recent malware explosion

Eric Tabor  |  May 9, 2014

Share: Share on FacebookTweet about this on TwitterShare on LinkedInGoogle+

Malware is long-running and consistent threat to companies and computing end users, and, while the cybersecurity community has worked hard to close vulnerabilities and make carrying out exploits more difficult, malware continues to proliferate. Two recent reports highlighted massive spikes in malware infections in late 2013 and the beginning of 2014, respectively. The data should be instructive to companies looking to keep malware out of their networks. With infections on the rise and becoming more insidious, companies can benefit from enlisting malware removal services to address this ongoing problem.

A long-term malware infiltration
In Microsoft's most recent Security Intelligence Report, the company noted that the average rate of malware infection nearly tripled in the final quarter of 2013, due largely to a single malicious browser plugin. In the third quarter of 2013, an average of 5.8 out of every 1,000 Windows computers were infected with malware, but that number increased to 17 per 1,000 in the fourth quarter of the year, according to Tim Rains, director of Microsoft's Trustworthy Computing division.

Much of the increase was due to the proliferation of a program called "Rotbrow," which comes disguised as a browser add-on security product called "Browser Protector," Rains said, according to PCWorld. Computer security companies failed to identify the software as malicious at first because it was not itself dangerous, and it did not do anything threatening immediately. Instead, the program is what's known as a "dropper," a program designed to download other software onto a computer. Eventually, Rotbrow began downloading malicious browser extensions and code such as Sefnit, a botnet tool linked to click fraud and ransomware schemes. Microsoft noted the change and alerted security companies, but the program was already installed on a large number of computers.

"I would characterize it as a low and slow attack," Rains told PCWorld. "They were patient and waited a long time before they started to distribute malicious stuff. I think they gained a lot of people's trust over time."

Rains noted that Microsoft has generally improved its products, reducing the number of remote exploitation vulnerabilities in its software by 70 percent from 2010 to 2013. As a result, malware infection schemes have gotten more elaborate and expensive to carry out. One increasingly common approach has been to bundle malware with legitimate software or music.

A flood of email attacks
Another recent study from email firm AppRiver screened more than 14 billion email messages in the first quarter of 2014. Of those, nearly 10.9 billion were spam, and another 490 million contained malware. The company concluded that one in every 10 pieces of email was malicious, and January was the biggest month for malware traffic since 2008. AppRiver security analyst Fred Touchette warned people to exercise more caution toward emails that address the recipients in vague terms or by their email addresses.

Both studies show that malware threats continue to be a major problem for companies and their employees. Even as tools and awareness to prevent infections improve, the threats are becoming more complex and infections are growing more common. For businesses, the best solution may be to work with a managed services provider to access malware removal and managed network security services to remove the threat.

The following two tabs change content below.

Eric Tabor

Chief of Staff | Vice President- Strategy & Operations at ISG Technology
Eric joined ISG Technology in 2012 bringing with him experience from ISG’s parent company, Twin Valley Telephone, Inc. He is a member of the Twin Valley senior management team that managed the company’s organic and acquisition growth strategies resulting in the company tripling in size from 2005-2010. Prior to joining Twin Valley he held sales and operations leadership roles at Southwestern Bell/SBC in multiple Midwest locations. He holds a B.A. in Mass Media and Communications from Washburn University. Eric currently resides in Olathe, KS with his wife and their two children.
About

Eric joined ISG Technology in 2012 bringing with him experience from ISG’s parent company, Twin Valley Telephone, Inc. He is a member of the Twin Valley senior management team that managed the company’s organic and acquisition growth strategies resulting in the company tripling in size from 2005-2010. Prior to joining Twin Valley he held sales and operations leadership roles at Southwestern Bell/SBC in multiple Midwest locations. He holds a B.A. in Mass Media and Communications from Washburn University. Eric currently resides in Olathe, KS with his wife and their two children.

Posted in Blog, Security Tagged with: ,
Menu