IBM: Malware Getting Worse!

In a recent report, the IBM corporation informs us that the number of stealthy, targeted online attacks continues to grow in 2007. This means that - apart from the fact that people aren't secure enough and that security software developers are overwhelmed - hackers are striving harder and harder to get financial profits out of their activity. And as you might have figured it out by now, whenever money is involved, people get more ruthless. That's why, in their attempt to make more dough, black hatters are resorting to all sorts of schemes, and aren't making money just by regular frauds and thefts, but also by selling hackware and renting botnets for spam and some other illegal activities as well.

So that you get an idea of how malware has escalated this year (and just wait, we're only in September now) IBM's security division, namely the ISS X-Force has identified and analyzed more than 210.000 NEW malware samples. That's close to a quarter of a million, and they're all new. And who knows how many more threats are there in the wild?

"The X-Force security statistics report for 2006 predicted a continued rise in the sophistication of targeted, profit-motivated cyber attacks," said Kris Lamb, director of X-Force for IBM Internet Security Systems. "This directly correlates to the rise in popularity of Trojans that we are witnessing this year, as Trojans are often used by attackers to launch sustained, targeted attacks."

"The decrease in spam message size and image-based spam is a result of spammers adopting and experimenting with newer techniques, such as PDF- and Excel-based spam, as a means to more successfully evade detection by anti-spam technologies," said Lamb.

Some people - bothered by the long time it took them to open a message - close it instead…not anymore, though. With this size decrease, spam is more probably to hit its target.

In any case, malware isn't going down, as this report states. Things are worse than they were in 2006. Sure, some malware fighters have appeared and are doing their job, but they can't possibly net every threat out there. So don't expect protection from others. Instead, deploy security measures on you machine… I think I said this a 100 times before…