Products & Releases

ScanSafe Report: Credit Crunch Fuels Surge In Web Attacks

In its newly released Annual Global Threat Report, company notes an explosive growth in malware throughout 2008
LONDON and SAN FRANCISCO — March 11, 2009 — ScanSafe, the pioneer and leading provider of SaaS Web Security, today issued its Annual Global Threat Report. The report is based on an analysis of more than 240 billion Web requests processed in 2008 by the ScanSafe Threat Center on behalf of the company's corporate customers in more than 80 countries. It represents the world's largest security analysis of real-time traffic.

The report reveals that there has been an explosive growth in malware throughout 2008. ScanSafe noted that there has been an overwhelming 582% growth between like quarters in 2007 and 2008 and a 300% volume ratio increase from January 2008 through December 2008. Exploits and iframes were up 1731% in 2008, while data-theft Trojans increased 1559%.

"We saw a continued acceleration of Web-delivered malware in 2008, reaching significant peaks in both October and November. The numbers are staggering," said Mary Landesman, senior security researcher, ScanSafe. "There is a high correlation of increased online crime with the decline in the global economy. It could be that the increasing levels of job loss and uncertainty are fueling the surge in criminal activity. It is also likely that cyber crime is proving to be a viable business opportunity in a climate where legitimate opportunities are becoming increasingly more limited."

Other key findings from the report include:

The Web is now a massive front for data harvesting Cyber criminals in 2008 have shown a change of intent and are now focused on the ongoing targeting and harvesting of sensitive data. Most of the malware delivered through the Web provides remote customization and configurability, enabling criminal attackers to target specific data and to remotely manage how that data is obtained. For home users, gaming credentials or credit card numbers could be at risk. For enterprises, there is the possibility of intellectual property theft and the potential to eavesdrop on all network transmissions via ARP poisoning or other man-in-the-middle attacks.

The credit crunch is fueling data theft In 2008, 14% of all ScanSafe Web malware blocks were the result of encounters with data theft Trojans, compared to 6% in 2007. Towards the end of the year (Q4) when the credit crunch was in full swing, we saw the largest growth in this category of threats. Not only did October and November 2008 show the highest levels of Web malware blocks but they also showed a heavy saturation of data theft Trojans.

Trusted sites pose the greatest risk In April 2008 ScanSafe counted an excess of 780,000 malicious Web pages from only five vertical interest sectors as a result of a single SQL injection attack. As a result of the continuing mass compromise of legitimate websites observed throughout 2008, the standard 'safe surfing' advice of avoiding unknown or non-trusted websites no longer applies. Today, it is the trusted sites that should be viewed as posing the greatest risk to Web surfers.

Energy & Oil sector has 400% elevated exposure to data theft Trojans ScanSafe discovered that the top five most at risk verticals were Energy & Oil, Pharmaceutical & Chemical, Engineering & Construction, Transportation & Shipping, and the Travel & Entertainment industry. The average number of unique new variants of data theft Trojans encountered by customers in the first three quarters of 2008 was 57. The Energy & Oil sector encountered 213, an elevated exposure of nearly 400%. For those in the Engineering & Construction industry, the unique variant count was 166, nearly 300% greater than the average.

"Today's malware is all about stealing and harvesting data. Cyber criminals have moved away from de-facing sites or merely designing malware as a prank and it is now created with commercial and criminal intent," comments Landesman. "Online crime has become a lucrative business and both commercial and personal data fetch a significant sum on black markets."

About ScanSafe ScanSafe is the largest global provider of SaaS Web Security, ensuring a safe and productive Internet environment for businesses. ScanSafe solutions keep viruses and spyware off corporate networks and allow businesses to control and secure the use of the Web and instant messaging. As a fully managed service, ScanSafe's solutions require no hardware, upfront capital costs or maintenance and provide unparalleled real-time threat protection. Powered by its proactive, multilayered Outbreak Intelligence TM threat detection technology, ScanSafe processes more than 20 billion Web requests and 200 million blocks each month for customers in over 80 countries.

The company received the CNET Networks award for Security Product of the Year 2008, a 2007 CODiE award for Best Software as a Service Solution, the 2008 and 2007 SC Magazine Europe Award for Best Content Security Solution and was named one of Red Herring's Top 100 Technology companies. For more information, visit

Editors' Choice
Kelly Jackson Higgins 2, Editor-in-Chief, Dark Reading