Zero-Day Web Malware Blocks Surpass Yearly Average

PRESS RELEASE

LONDON and SAN FRANCISCO - December 18, 2008 - In its monthly Global Threat Report issued today, ScanSafe, the pioneer and leading provider of SaaS Web Security, reported that the rate of zero-day malware blocks increased in November to 26%. The number increased significantly from the 16% of zero-day malware blocks reported in October and the 19% average reported for the year.

"Throughout November, attackers were more intent than ever on ensuring the malware they used would bypass traditional security measures," said Mary Landesman, senior security researcher at ScanSafe. "Given the dynamic and costly nature of today's Web threats, real-time scanning of Web traffic before it reaches the enterprise is more essential than ever."

In its latest report, ScanSafe also noted that backdoors and data theft Trojans increased from 13% of all Web malware blocks in October, to 30% of all blocks in November. Backdoors and data theft Trojans allow attackers to target exactly what type of information is stolen. For example, on a user's home computer, these Trojans can enable attackers to target credit card or banking information. Similarly, on a corporate network, attackers can "custom fit" the malware to retrieve confidential or proprietary information. Because data theft Trojans can be remotely configured, they can be especially destructive and difficult to identify.

"The recent increase in backdoors and data theft Trojans is very concerning given the seriousness of this category of malware," said Landesman. "Heightened exposure indicates attackers are going to new extremes to get their malware in front of users, perhaps as a result of the declining economic climate."

The rate of exposure to compromised Web sites decreased in November, from 65% of all Web malware blocks to in October to 33% in November. However, the decline in exposure via compromised Web sites was offset by zero-day threats and the serious increase in risks from social engineering techniques. The end result: despite the decrease in website compromises, the overall rate of Web-based malware was only 2.4% less than the rate in October, the highest Web malware month in history.

The ScanSafe Global Threat Report represents the world's largest security analysis of real-world corporate Web traffic and is based on an analysis of more than 20 billion Web requests the company processed each month for customers in over 80 countries. About ScanSafe

ScanSafe is the largest global provider of SaaS Web Security, ensuring a safe and productive Internet environment for businesses. ScanSafe solutions keep viruses and spyware off corporate networks and allow businesses to control and secure the use of the Web and instant messaging. As a fully managed service, ScanSafe's solutions require no hardware, upfront capital costs or maintenance and provide unparalleled real-time threat protection. Powered by its proactive, multilayered Outbreak Intelligence TM threat detection technology, ScanSafe processes more than 20 billion Web requests and 200 million blocks each month for customers in over 80 countries.

With offices in London and San Francisco, California, ScanSafe is privately owned and financed by Benchmark Capital and Scale Venture Partners. The company received the CNET Networks award for Security Product of the Year 2008, a 2007 CODiE award for Best Software as a Service Solution, the 2008 and 2007 SC Magazine Europe Award for Best Content Security Solution and was named one of Red Herring's Top 100 Technology companies. For more information, visit www.scansafe.com. ### Susie Bailey | Corporate Communications Manager, EMEA ScanSafe, The Connection, 198 High Holborn, London WC1V 7BD, United Kingdom T +44 (0) 20 7959 0648 | F +44 (0) 20 7959 0631 | M +44 (0)7875 360 437 [ Anywhere + is the CNET 2008 Security Product of the Year: CNET judges said "With security within the enterprise still causing headaches, extending protection to the mobile workforce is often an agony too far. Delivering security-as-a-service through mobile connectivity, ScanSafe has an answer that is a very good fit to the way people actually work." To find out more click here P Think of the environment. Do you need to print this email?