Have you ever thought about measuring the Internet in terms of malware per minute? Me neither, but someone has and it makes for uncomfortable reading if you are a Microsoft Windows user.
How fast is the Internet? It depends on the metric being used, of course, but one new report published this week has an interesting new take on this old question. How does four malware apps per minute grab you? According to German security vendor G Data, the number of new malware applications has already hit a record for the first half of the year, with more than a million recorded in just six months.
The 1,017,208 malware programs represent an increase of 50 percent compared to the same period last year, and security experts are now confidently predicting that by the end of 2010 we will have witnessed more than two million of them. Of that million or so malware programs, 99.4 percent were written to target the Windows operating system. Breaking it down further, 42.6 percent were Trojans, with downloaders and droppers representing 20.3 percent. Backdoor malware code made up just 12 percent of the total, while worms represented just 5.27 percent.
"The current numbers are alarming. The malware industry has published nearly four new viruses per minute in the first half of the year" so says Eddy Willems, G Data’s Security Evangelist, who added that the attackers are mainly targeting social networks and their members as they represent "especially profitable targets because of their high number and their interlinked nature".
DaniWeb asked Mr Willems why the number of new malware apps was so high. "Because it’s an easy and profitable business" was the answer, with Mr Willems insisting that the risk of finding the hackers responsible is relatively very low. "Cybercrime is very high and mostly coming from regions as Russia, India, South-America" he told us, adding "where people generally don’t earn too much in comparison with the rest of the world".
You might be excused for thinking that such high numbers of new malware applications must mean that security vendors are doing a bad job and this is being exploited by the bad guys. But it is actually more likely to be exactly the opposite, with security vendors doing such a good job of identifying and countering malware that the rogue coders are forced to churn out new versions in ever-increasing numbers and at an ever-faster pace for good measure. Eddy Willems told DaniWeb that "security vendors are doing a good job as we can still counter all of these malware ASAP when released by use of the reactive and proactive solutions".
Of course, there is also an argument to be had which says that if security vendors were doing a really good job then no malware would be able to execute a payload and the bad guys would not be making any money. If that were truly the case, then surely we would be seeing criminal gangs giving up and turning their attention to something else. The sheer scale of the increase in new malware code that is being released would tend to suggest that this is not the case, and that there is still plenty of money to be made with malware.
I'm a hacker turned writer and consultant, specialising in IT security. I've been a freelance word punk for over 20 years and along the way I have seen 23 of my books published, produced and presented programmes for TV and radio, picked up a bunch of awards and continue being a contributing editor with PC Pro - the best selling IT magazine in the UK.
I spoke to a woman on a tech support call once, and she said "This thing popped up and said I had 875 viruses and that my computer was at risk, and to click this button to clean it, so I did and I paid the money, but I don't think it cleaned it because that kind of stuff just keeps popping up!" This I think highlights at least a huge portion of the overall problem; extremely unwise decisions by users! When I asked the lady why she clicked in response to a message coming from a program she obviously hadn't bought, she couldn't really say.
I wouldn't go as far as to say that all, or even most, malware attacks that result in the attacker getting money, are caused by users doing things like that, but it's hard to understand why this kind of thing is still going on, when for such a long time the standing warning has been to be very careful what you click on! Many malware programs would be dead in the water without some kind of user interaction.
That said, although I think Macs are inherently less prone to most malware in the first place, I also think part of the reason for that is its relatively small user base and that because of that there just aren't huge numbers of programmers bothering to write anything for that platform. Still, that's not nearly enough reason for me to switch to a Mac.
I also think part of the reason for that is its relatively small user base and that because of that there just aren't huge numbers of programmers bothering to write anything for that platform. Still, that's not nearly enough reason for me to switch to a Mac.
OK, time to quit thinking and start learning. Windows users log in with "Administrative Rights" by default. This means they can do anything, and any process running under their userid can run anything and do anything - this means that you run Internet Explorer with your admin UID and anything that hits IE has administrative rights because the user does and malware hitting IE can do anything it wants to a Windows system.
Mac/BSD & Linux do not assign Administrator (called Root) rights to any person by default, so any program hitting my browser can't really do anything because my UID isn't allowed to mess with much but what resides under my own home directory (pictures/documents etc). I have to explicitly log in as Root to alter my system or use another temporary sudo command which allows me to do a root task only after entering a password.
If I was Root all the time like Windows users are Administrator equivalents then my system would be just as insecure as yours - but it just ain't that way.
Anyway, for the record, I'm a Windows user and don't have an expensive Mac OS machine here.
Yeah, Detroit, I know all that, so I didn't really learn anything new. But down where the rubber meets the road, where people who are not technically savvy actually live and work, there is not so much of that knowledge, and knowing that doesn't change the fact that, root or not, if people were more diligent about being careful what they click on the problem wouldn't be nearly as bad. Not saying it would go completely away, but it just wouldn't be as bad as it is. As I said, a large number of these attacks require some sort of user interaction.
Since there aren't any (or almost no) virus protection programs for Linux/BSD/Mac, and millions of users (especially in the server area), they would be a prime target if malware could be developed to target those OS's. It's an open door, but so far the few who have been able to get through have seen that door close rapidly, so there is only one profitable option for crackers and anti-virus companies.
Every once in a while I still get an e-mail where someone wants to transfer $20 million from a third world country and wants me to help. You would think that this scam would have run out of gas years ago, but apparently there are still some suckers out there. It may come down to a variation of firstname.lastname@example.org where you would report malware, and also click some button in the browser to validate the popup's claim before you commit. I'm afraid there is no cure for stupidity (and if someone does have a cure, please send me some)!
Malware takes many forms, it's not just down to 'allowing a popup to occur' and nothing in this news story suggests that it is. The truth is that every OS allows a user to click on a link that downloads something, and allows a user to then execute that downloaded something. Whether that executable can actually do any damage or not is another thing, and the G Data research would suggest that in 99.4 percent of cases only Windows users are at risk as the malware is coded to target them alone.
Ubuntu Linux is very similar to Windows and computers like Dell sell computers with it on them. Since it is free, the computers are cheaper but I have read articles about how they are not eager to sell them. If the malware becomes a problem for many more people, then many more people will switch.
Super-fast and great-looking, Ubuntu is a secure, intuitive operating system that powers desktops, servers, netbooks and laptops. Ubuntu is, and always will be, absolutely free.
If the malware threat was going to make any significant impact upon people switching to Linux/MacOS then I suspect it would have done so by now, to be honest. People stick with what they know and what is easiest (and not just in usability terms but also purchasing, cost, marketing, software availability etc).
By the time you count servers in addition to single-user machines, yes, there are millions of computers out there running MacOS and some flavor of Linux. However, that's very relative; there are still 9-10 times that many running Windows. This makes Windows not only the biggest target, but it's hard (and foolish) to deny that Windows has some inherent issues that contribute to it being such a target.
Still, the idea that there are millions of users of MacOS/Linux and still relatively few malware attacks aiming at them solely because they are inherently more secure is just not true, since there ARE malware that target both of them. The inherent security might be a big factor, but not the only one.
However, all that aside, we'll probably never know just how much impact the size of the user base has on where malware writers focus their efforts, because it is practically guaranteed that Windows will maintain its extremely heavy market dominance for the foreseeable future, certainly for the rest of all our lives.
I'm not saying I'm hoping that or would prefer that; that's just how it's going to be. Time will tell of course, but I think it's a pretty safe prediction.
I've always been of the opinion that there is a multiplying effect for Windows users. User base - sure, but look at the nature of the user base. Every two-brain-celled moron seems to have a Windows machine. Linux ain't an option for them - too complicated/unusual - a Mac may be something that they wouldn't consider for other reasons (I think you know what I'm getting at). So, I can't see much point in targeting Linux users as they tend to be (I may be wrong) technically-savvy and probably security minded. Mac users, from my own experience of them, tend to be a bit more clued-in about their IT. Having said that, I'm a Windows user, having totally failed to grasp Ubuntu and can't afford a Mac.
Doesn't this once again prove the fact that almost 90% of computer clients use Windows?
Doesn't it say again that all attackers are in fact highly paid scum-coders coming from other software vendors publicly respected, starting with OS-es and ending with browsers and other mainstream applications?
But what it really says is that yet again Windows is the most advanced and secure OS in existence, and that it will become even more secure progressively as the number of attackers grows on, never leaving windows to rest feeling secure but pushing it to sport methods of unbeatable security up to the point of perfection, lying just a few years ahead.
Summing it up, imagine one day Microsoft coders turning against their filthy competition with the same measure considering that the competition security is still on infant stages, always comfortable and never being harassed, - where they would end?