Malware milestone as net threats double in two years

10 Jul 2006

IT security threats have doubled in less than two years, according to McAfee, which also claimed that the amount of malicious threats per day has grown by 200pc.

Having added the 100,000th threat to its database in September 2004, last week McAfee Avert Labs added the officially released protection for the 200,000th threat — a 60pc decrease in the amount of time it took to double the number of threats in the database since September 2004.

In 2004, McAfee added 27,340 new threats to its database. In 2005, it added 56,880 new threats. Since the start of this year, McAfee said it has added close to 32,000 new threats to its database, putting it on course to beat the 60,000 mark by the end of December.

If these trends continue, McAfee said it expects the 400,000th threat to be identified in less than two years.

Stuart McClure, senior vice-president, global research and threats at McAfee, said: “It’s remarkable to note that it took 18 years for our database to reach 100,000 malicious threats — and just under two years to double to 200,000. Although security awareness continues to improve, hackers and malicious code authors are releasing threats faster than ever before, with approximately 200pc more malicious threats per day than two years ago.”

Bots — compromised computers under the control of a third party — are still the leading cause of this dramatic growth, McAfee said. Exploits and downloaders are a close second. Email threats, which made up a large percentage of the threats in 2004, saw significantly smaller growth over the past two years when compared to other categories of malware.

Jimmy Kuo of McAfee, writing at the Avert Labs security blog, said: “Larger and larger numbers of malware is a plague, not a cause to celebrate. Instead, we mark this moment simply as a milestone in our continual trip to fend off the bad stuff from everyone’s machines.”

By Gordon Smith