News Vulnerability Management
Malware Peaks, McAfee Calls For Security Industry To Go On The Offense
New report shows 10 million new pieces of malware in the first half of 2010
Malware hit an all-time high in the first half of this year, at 10 million new samples, according to a new McAfee report, with the top two being AutoRun malware and password-stealing Trojans.
Meanwhile, McAfee also issued a call to arms for the security industry to play more offense than defense against today's attacks to get to the actual criminals behind the malware. Rather than continuing with today's approach of adding layers of security to defend against expected attacks, the industry needs to avoid attacks altogether by going aggressive, with the security community aligning forces and law enforcement operating proactively, according to McAfee executives.
More Security Insights
- A Smarter Approach: Inside IBM Business Analytics Solutions for Mid-Size Businesses
- Collective intelligence: Capitalizing on the crowd
- Informed CIO: SDN and Server Virtualization on a Collision Course
- Strategy: Building and Maintaining Database Access Control Permissions
- Mobile DevOps: Achieving continuous delivery with multiple front ends and complex backends in Banking, Financial Services, and Insurance
- How Cloud Facilitates an Agile Contact Center
"The tools and techniques of cybercrime continue to grow in number and sophistication at alarming rates. The cybercriminals prosper as they never have before because they have very little reason to fear the consequences. Maybe this is because we have really never given them a reason to fear," wrote Jeff Green, senior vice president of McAfee Labs and product development, in McAfee's new issue new issue of the McAfee Security Journal, published today. "This must change. We must adapt our industry at its core and at all levels. It is time to send the security industry on the offensive."
An offensive security strategy would mean using hackers' own tools, such as fuzzing and penetration testing; sharing intelligence among vendors and users; making the Internet Corporation for Assigned Names and Numbers (ICANN) take a harder line when accrediting domain registrars; ostracizing and decapitating botnets and their infrastructure; publicly disclosing names of cybercriminals and making this type of crime more risky for perpetrators; and educating the masses, according to McAfee.
McAfee says that while malware production was on a roll, spam, meanwhile, grew at only 2.5 percent in the second quarter from the first quarter of this year. Around 55,000 new pieces of malware appear each day, according to McAfee's new data (PDF). Fake antivirus and social media-borne malware, such as Koobface, round out the top four types of malware.
India had the most bot infections, close to 1.5 million, followed by Brazil, Russia, and Germany, each with more than 1 million infected machines. And McAfee says two throwback botnets are making a comeback this year, Storm and Kraken, both of which had practically disappeared some time ago. McAfee says a new version of Kraken is on the rise.
Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.