An alarming rise in the number of corporate data breaches, combined with a climbing sophistication of spyware threats and distribution methods, made 2005 the "biggest year yet for spyware," new research has claimed.
According to latest State of Spyware report issued today by Webroot Software, consumers, small businesses and enterprises across the globe all experienced a record number of infection rates for the worst types of spyware in 2005. Most alarming was the rise in the most malicious types of spyware - trojans and system monitors. For enterprises, between Q3 and Q4 of 2005, the number of trojan infections increased 9 percent. From Q2 to Q4 2005, the number of system monitors like keystroke loggers increased 50 percent consecutively each quarter.
"This past year was a boon for spyware criminals. Last month, Webroot surveyed U.S. businesses and found that over half of respondents reported a spyware-disruption that resulted in lost revenue, a statistic mirrored by a recent FBI study that surmised that computer-related crimes, such as spyware, cost U.S. business $62 billion. That is 10 percent more than all identity fraud and over 60 times the cost of telecommunications fraud," said David Moll, chief executive officer of Webroot Software. "This criminal enterprise we call spyware continues to advance in technology and sophistication. As long as the money and opportunities exist, so will spyware."
According to the report, 2005 was the worst year ever for data security losses. In all, more than 130 different security breaches exposed over 55 million Americans to a wide range of illegal activities, including the increased possibility of spyware infection and identity theft. Highly publicized security vulnerabilities in the software of two of America's most recognizable companies - Sony BMG and Microsoft - highlighted the disastrous potential spyware exploits can have on both consumers and enterprises, and pushed many enterprises to evaluate their compliance with government regulations around protection of their information assets.
Sony BMG's decision to use rootkits in its digital rights management software set off not only a firestorm of criticism, but also a firestorm of hackers and spyware purveyors determined to use the rootkit to install the most malicious types of spyware. Microsoft experienced a similar rash of criticism when the company revealed a major vulnerability, a WMF flaw that hackers could use to access and take control of a user's system.
The report also noted that throughout 2005, there was a steady increase in the complexity and severity of spyware technology. Keyloggers using kernel-level drivers became increasingly common as the year progressed, and the usage of polymorphic code continued to increase, according to the Webroot Threat Research Team, the company's internal research arm.
While some security analysts attribute this continued rise in technology sophistication to spyware developers' desire to capitalize on the increased number of published vulnerabilities, Webroot also found evidence that spyware developers are advancing their technology efforts to evade detection and removal, and maintain their revenue streams.
"Spyware criminals know that many users have some kind of internet security application deployed on their PCs. These criminals also know that many of these applications do not protect users against the most advanced technologies, such as trojan horses and keyloggers. To capitalize on these security weaknesses, spyware criminals are increasingly relying on the most advanced technologies to infect users," added Moll. "The only way users can be protected against these types of threats is to use an anti-spyware software that is recognized as a best-of-breed solution and includes frequent, automatic updates."