informa
3 min read
Products & Releases

ScanSafe Report: Signature-Based Scanners Miss 58% of Malware

In its quarterly Global Threat Report, ScanSafe also finds rate of Web-delivered malware increased sharply in Q1 2009
LONDON and SAN FRANCISCO — May 7, 2009 — In its quarterly Global Threat Report issued today, ScanSafe, the pioneer and leading provider of SaaS Web Security, reported that at its highest peak in Q109, 58% of Web malware blocks were zero day threats. On average, the rate of zero day malware blocks was 20% in 1Q09, meaning that companies using signature-based scanning alone could have been heavily exposed to malware during this period.

ScanSafe noted that the rate of Web-delivered malware increased sharply in the first quarter of 2009 " another 19% from 4Q08. 2008 was the highest year on record for Web-delivered malware, with a staggering 300% increase from 2007. The report also revealed that 35% of malware blocks in 1Q09 resulted from visits to compromised websites. In addition, 28% of Web malware exposures blocked in the first quarter of the year were the result of data theft trojans. "Zero day malware is increasing and with signature-based scanners not picking up an average of 20% of malware, it is now crucial to use real-time scanning to ensure that your employees, network and most importantly, your data is not at risk," said Mary Landesman, senior security researcher at ScanSafe. "With malware increasing in both volume and sophistication and no foreseeable slow down in sight, it is more important than ever that companies have a comprehensive Web security solution in place." Particularly concerning in the first quarter of 2009, was the outbreak of bank-related data theft trojans known as Zeus botnets. Zeus bots are known for browser traffic sniffing and intercepting data keystrokes, which can lead to data theft and the compromise of FTP credentials.

Zeus was previously implicated in a 6 million dollar commercial account heist on 20 European banks and is believed to be controlled by Russian cyber criminals. Early this year, Zeus botnet was deployed to swipe 1.6 million sensitive records from job seekers at Monster.com and several other online job sites, among other scams.

"Zeus is a prime example of how cyber criminals are developing more sophisticated tactics to steal valuable data and will continue to do so," said Landesman. "Previous to the 1Q09 outbreak, Zeus botnet was thought to have infected about 100,000 computers. Given the Zeus activity in 2009, it is likely that the number of Zeus bot-infected computers has increased proportionately."

To obtain a full copy of the latest ScanSafe Global Threat Report, please visit www.scansafe.com.

About ScanSafe ScanSafe is the pioneer and largest global provider of SaaS Web Security, ensuring a safe and productive Internet environment for businesses. ScanSafe solutions keep malware off corporate networks and allow businesses to control and secure the use of the Web. As a SaaS solution, ScanSafe eliminates the burden of purchasing and maintaining infrastructure in-house, significantly lowering the total cost of ownership. Powered by its proactive, multilayered Outbreak Intelligence threat detection technology, ScanSafe processes more than 20 billion Web requests and 200 million blocks each month for customers in over 100 countries.

In 2009, the company was awarded "Best Content Security" solution by SC Magazine Europe for the third consecutive year.