Companies should beware of increased malware threat

by Sohini Bagchi    Sep 06, 2012

malware macafeeEnterprises across verticals are seeing a phenomenal increase in the number of malware threats, according to the McAfee Threats Report for the second Quarter of 2012. The report found that this quarter sees the highest increase in malware samples detected since the past four years with an increase in ransomware, AutoRun worms and password-stealing malware.

“Over the last quarter we have seen prime examples of malware that impacted consumers, businesses, and critical infrastructure facilities,” said Vincent Weafer, senior vice president of McAfee Labs. He said that attacks that we have traditionally seen in PCs are now making their way to other devices. For example, in the second quarter, we saw Flashback, which targeted Macintosh devices and techniques such as ransomware and drive-by downloads targeting mobile.

McAfee revealed that the number of new ransomware threats increased to more than 120,000 during the second quarter, a significant rise from the first quarter. Thumb drive and password-stealing malware grew considerably. With nearly 1.2 million new samples of AutoRun worms detected, AutoRun malware posed a challenge during the quarter. In addition, 1.6 million new samples of password-stealing malware were detected. Overall, the firm detected an increase of 1.5 million in malware since the first quarter of the year.

The MacAfee report revealed that malware is not only becoming a global concern, in India too, the situation needs to be under check. Although India showed a steady rise in spam volume last year, it has stabilised over the last quarter. However, it features in the top ten countries that reported an increase of greater than 10 percent in new botnet senders. Most Indian organisations face issues with bot infections –topping the list of botnet senders for India are Cutwail and Grum.

“The global increase in malware threats will also affect Indian enterprises, especially those in the BPO and IT services segments doing business globally. Businesses with significant intellectual property (IP) or customer and financial data are also at a higher risk,” said Vinoo Thomas, Product Manager at McAfee Labs to CXOtoday.

Thomas believes that unlike in the past, cybercriminals today look for highly targeted information or data. In such a complex security landscape, CIOs must fortify their traditional defenses with newer layers of dynamic security solutions that would allow them to detect unknown threats in real-time, while blocking unwanted elements from entering their data or network.

The problem with many enterprises in India is that they still have the mindset of securing only their workplaces. However in era of enterprise mobility, companies should focus on advanced mobile device management tools to support their mobile platforms, said Thomas.

In regards to malicious sites, McAfee Labs recorded an average of 2.7 million new bad URLs per month. In June this year, the new URLs were related to about 300,000 bad domains — a figure that is equivalent to about 10,000 new malicious domains every day. Of these malicious URLs, 94.2 percent were seen hosting malware, exploits or code designed to hijack computers.