Arlington, VA (Gawkwire.com) Cyveillance, the world leader in cyber intelligence, today announced that a recent test of best-of-breed anti-virus vendors and Web browser anti-phishing filters revealed that more than half of active malware and phishing threats on the Internet go undetected, with an average detection rate of 37 percent for malware and 42 percent for phishing. This data(1) was captured as part of Cyveillance’s "2H 2008 Cyber Intelligence Report," which was issued today.
"Given the dynamic nature of today’s online threats and the traditionally reactive approach taken by today’s malware and phishing detection technology, conventional signature-based solutions are inherently at a disadvantage to keep up," said Panos Anastassiadis, CEO and Chairman of Cyveillance. "Because the majority of damage occurs during the first 24 hours of an attack, early detection of attacks is crucial. By combining today’s defensive technologies with proactive intelligence gathered in real-time, organizations can significantly limit the harm inflicted by today’s dynamically changing threats."
In addition to a detailed evaluation of the effectiveness of leading anti-virus malware detection and Web browser anti-phishing technologies, the report also tracks the online "fraud chain" comprised of malware components that store and serve malware executables, distribute malware to consumers, and receive and store the confidential information collected from infected computers.
Other key report findings include:
– Data tracked during second half of 2008 shows that the United States and China continue to be the top distributors of malware on the Internet.
– 159 unique new brands were phished in the second half of 2008, which represents a slight decrease compared to the number of new brands targeted during the same time a year ago.
– Phishers continue to expand attacks globally and across new industries. In the second half of 2008, Cyveillance saw an increase in the number of new phishing targets in countries that had yet to be phished as well as new targets in the media and social networking industries.
Anti-virus Malware and Web Browser Test Results
More information about Cyveillance’s testing of anti-virus malware vendors and Web browser anti-phishing filters is included in the company’s "2H 2008 Cyber Intelligence Report."
Cyveillance identifies a malware threat as a file or application downloaded from a Web site or server that exhibits properties that are both involuntary and malicious in nature. An active malware threat is one that has been located on a live Web site within the last 30 days.
Because anti-virus solutions primarily detect previously identified malware threats, perpetrators quickly replace recently discovered malware threats with modified versions and exploit this discovery lag-time to evade detection and infect unsuspecting machines. As such, the Cyveillance test which took place between November 30 and December 29, 2008, looked at twelve best-of-breed anti-virus vendor solution(2), deployed in their default settings with auto-update features enabled to ensure all malware signatures were within vendor parameters.
Phishing threats are social engineering scams that rely on both technology and human interaction to carry out online fraud and identity theft. The schemes are varied but typically involve a spoofed (spam) email that mimics an email from a legitimate and respected organization in order to steal personal information (e.g., username and password, credit card number, Social Security number, etc.). The information collected is then used for identity theft purposes.
To better understand the daily risks consumers face from phishing attacks, Cyveillance test sampled unique and confirmed phishing attacks uncovered against a variety of organizations. To measure the effectiveness of some of today’s leading consumer anti-phishing protections (3), Cyveillance fed these confirmed live attacks through four of the most widely used browsers with embedded anti-phishing technology. The data was fed in real-time to each browser and then again 24 hours later to determine detection rates over a minimal period of time.
All figures and statistics in the Cyveillance "2H 2008 Cyber Intelligence Report" are actual measurements rather than projections based upon sample datasets. The cyber intelligence included in this report includes data collected and analyzed between July 1 and December 31, 2008. It represents aggregate cyber intelligence findings that Cyveillance has delivered to its OEM data partners, except where otherwise noted. For more information about
Cyveillance’s research findings, please visit: http://www.cyveillance.com/web/forms/request.asp?getFile=113.