The Regin spy bug uncovered by software company Symantec was effectively the spillover of a sophisticated cyber-warfare skirmish between nation states, cyber experts agree.
Dublin: 24.11.2014 09.26PM
The case for keeping operating systems up to date has strengthened, with Microsoft’s latest Security Intelligence Report showing a sharp dropoff in the number of infections in more recent versions of Windows.
Volume 8 of the report, published yesterday, covers the period from July to December 2009. It found that more recently released operating systems and service packs have “consistently lower” infection rates than earlier versions. That’s true for both client and server platforms. Windows 7, which was released in the second half of last year, and Windows Vista with Service Pack 2, have the lowest infection rates of any platform on the chart.
For operating systems with service packs, each successive service pack has a lower infection rate than the one before it. The infection rate for Windows XP with SP3 is less than half of that for SP2, and less than a third of that for SP1. Similarly, Windows Vista SP2 has a lower infection rate than SP1, which has a lower infection rate than Windows Vista RTM.
The Microsoft report also found that seven out of every 1,000 computers worldwide is infected with some form of malware. Viruses remain the single largest group by type, based on the number of unique samples recorded in the second half of last year.
More than 71.9m new viruses were submitted, although Microsoft warned that the large number of virus samples is caused by the fact that viruses can infect many different files, each of which is a unique sample. As a result, sample counts for viruses shouldn’t be considered as an indication of large numbers of true variants for these families. Releasing malicious code with minor changes is also a useful tactic for avoiding detection by security software, Microsoft noted.
In the second half of 2009, 26.8m of miscellaneous Trojans, 9.1m Trojans and droppers, and 4.6 potentially unwanted software were detected. Microsoft said many attackers use Trojan downloaders and Trojan droppers, such as Win32/Renos and ASX/Wimad to distribute other threats, such as botnets, rogues, and password stealers, to computers.
There are no figures for Ireland, but the UK had an infection rate of 4.1 per thousand PCs, lower than the worldwide average. The report noted a similar malware profile between the US and the UK.
Rogue security software, sometimes dubbed scareware or ransomware, is one of the fastest-growing categories of malware, the report found. Microsoft security products cleaned rogue security software–related malware on 7.8m computers in the second half of last year, a 46.5pc increase from the first six months of 2009.
The report authors suggest the growth is because it offers online swindlers larger payoffs compared to other net threats. Rogue software tells the victim that their computer has been infected or has a flaw, and offers to fix the supposed problems for a price.
To gather information for its biannual report, Microsoft uses data collated from more than half a billion Windows machines worldwide and also draws information from some of the software giant’s internet services, such as Windows Live Hotmail and Bing.
By Gordon Smith
Photo: Microsoft's Security Intelligence Report Volume 8 found that more recently released operating systems and service packs have lower malware infection rates than earlier versions