IID Reports 12 Percent of Fortune 500 Still Infected With DNSChanger MalwareNew infographic shows need for collective intelligence to stop malware from causing millions of dollars in damage annually
TACOMA, Wash. – June 28, 2012 – IID (Internet Identity®), a provider of technology and services that help organizations secure their Internet presence, today announced that 12 percent of all Fortune 500 companies and four percent of “major” U.S. federal agencies are still infected with DNSChanger malware. The company also released an infographic detailing how DNSChanger has infiltrated Fortune 500 companies and major government organizations. Today’s findings come less than two weeks before the July 9 deadline that requires the FBI to take down the temporary servers that enable millions of computers and routers infected with DNSChanger to still reach their intended Internet destinations.
“DNSChanger is an insidious form of malware affecting everyone from the everyday consumer to a large chunk of the Fortune 500,” said IID CEO Lars Harvey. “By working together to pool collective intelligence on the latest security threats, enterprises can ensure DNS resolvers do not enable employees to visit Internet locations hosting malware like DNSChanger—protecting their customer confidence, revenue, intellectual property and much more. We look forward to working with enterprises to accomplish this.”
To illustrate just how pervasive and problematic DNSChanger has been since being discovered in late 2005, IID has designed the first infographic detailing this malware infection. In addition to a timeline of how DNSChanger has progressed and an illustration of the collective intelligence that has helped combat the malware, the infographic shows exactly how employees at Fortune 500 companies became infected and how the malware’s spread could have easily been stopped.
IID’s ActiveTrust Resolver solution is being used by some of the world’s largest companies to stop their employees and systems from ever being able to connect with Internet locations loaded with malware like DNSChanger—fundamentally acting as a DNS firewall. ActiveTrust Resolver leverages collective intelligence on Internet security events to prevent these connections. IID amasses this real-time intelligence on the latest Internet security threats through a network of customers that includes five of the six largest banks in the U.S., the largest government agencies worldwide, and many of today’s leading financial services firms, e-commerce, social networking and ISP companies along with partnerships with hundreds of global law enforcement, security vendors, security researchers, and customers.
Internet to go Dark, Disable A/V
Because infected computers and routers will have no servers directing their DNS requests after July 9, the Internet may literally go dark for people using those computers or routers. Another effect of DNSChanger: if an enterprise’s employee has the malware on their computer even before the temporary servers go down, that enterprise is susceptible to having their proprietary information stolen. That’s because DNSChanger disables Anti-Virus (A/V) and regular software updates, exposing victims to attacks from other virus families. This enables criminals to view any data, messages exchanged and more on a victim’s computer, depending on what the victims’ machines are infected with.
How IID Came To Findings
By utilizing its ActiveKnowledge Signals system and data from other leading security and Internet infrastructure organizations, IID found at least 58 of all Fortune 500 companies and two out of 55 major government entities had at least one computer or router that was infected with DNSChanger. IID had found in January 2012 that half of all Fortune 500 companies and U.S. federal agencies were infected with DNSChanger.
Along with several other organizations and companies who have teamed up to combat DNSChanger by forming the DNS Changer Working Group, IID is offering to help identify the IP addresses of machines infected by DNSChanger on any enterprise’s network for free. All an enterprise needs to do is send IID their Classless Inter-Domain Routing (CIDR) blocks and IID will let them know if they've got an infection. You can contact IID directly by emailing email@example.com.
IID (Internet Identity) offers products and services that combat and mitigate cyber attacks in order to protect the growth plans, assets, and customers of enterprises and government entities. Armed with collective intelligence about the latest Internet risks, IID secures the networks of five of the top six banks in the U.S., the largest government agencies worldwide, and many of today’s leading financial services firms, e-commerce companies, social networks and ISPs. IID’s 24-7 analysts, and partnerships with law enforcement, service providers and security experts around the world ensure the protection of its customers. The company is headquartered in Tacoma, Washington. More information can be found at www.internetidentity.com.
Andrew Goss | Program Director
VOXUS PR for IID