Sophos Security Threat Report, July 2008

Filed Under: Malware, Podcast, Spam

SophosLabs has issued the July 2008 edition of its regular Security Threat Report, this time looking at the first six months of the year.

One of the major themes of the year has been the increase in web-based malware threats, in particular SQL injection attacks, with the labs discovering some 16,173 new infected webpages every day - one every five seconds.

What has surprised some people is that some 90% of the infected pages are on legitimate sites that have been hacked. Whereas in the past it was possible to tell people to avoid "shady" areas of the web (pornography, gambling, warez), that really doesn't work anymore. The message should be loud and clear - websites big and small, well-known and obscure, can be a risk to unprotected users.

A lot of the media coverage for the report has focused on a tiny part of it: our statistic showing that 2% of the malware is hosted on Blogspot.com. If you think about it, Blogger/Blogspot's position is probably not surprising - it's a phenomenally popular platform for people to create their own webpages (blogs), and gives internet users the ability to comment on other people's blogs. Inevitably, there are ne'er-do-wells out there who will try and abuse a great service like that, and try and plant malware and malicious links. For its part, Google - the company who own Blogspot - takes security seriously, and works hard to shut down webpages serving up malware.

The report not only discusses the threat of web attacks, but also charts the top web-based malware, and what countries are hosting the most malicious code on their websites. But it doesn't stop at the web, the report also looks at how email-based threats have changed in nature, the latest developments in spam, and how Linux computers are being hit by a six-year-old virus.

There's much more in the full report - but don't take my word for it - grab yourself a free copy.

You may also be interested to hear the podcast I recorded with Carole Theriault, discussing some of the findings of the threat report. We recorded it at the end of a long day, which may explain why the two of us sound pretty relaxed. Download the podcast directly, or use iTunes to check out our two year archive of podcasts and subscribe if you like.


You might like

About the author

Graham Cluley is an award-winning security blogger, and veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.