Number of Infected Websites Expected to Increase in 2013

by Julie Lynton

In 2013, malware including “trojans, worms, viruses and spyware”, represented the greatest danger to Internet users. SWITCH, the networking group of Swiss academia, discovered 2,849 infected with dangerous code last year. SWITCH is a not-for profit organization and a partner of the universities, that brought the internet to Switzerland 25 years ago and continues to provide security within the system. After SWITCH contacted the website domain owners and advised them of the need to remove the malicious code with a 24 hour limit, the code was removed from a total of 561 websites, another 51 domain names were removed. SWITCH acts at the first sign that a .ch site is spreading malware to protect a user’s computer from infection. Even just opening a page infected with the malicious code can cause harmful programs to be installed non a users computer. While malware can create problems with the normal operation of a computer, it may also gather sensitive data and cause financial loss while impacting the reputation of the user.

Trojan Horse: The Gift That Comes With a Price

Malware categorization is based on the ways in which an infection moves within a computer system and through a network. For instance, viruses use compromised media to transmit, while worms spread without user intervention within a network. Then there is spyware which invades a users privacy with the goal of accumulating information such as passwords and search patterns. With worms and viruses the user will typically not know that their computer is downloading and installing a program. On the other hand, with Trojan Horses, malware is disguised as “desirable software” and is installed by the user. However, this is not the kind of gift you would expect to receive from a company, such as a nice pen or a flash drive such as might be provided by the likes of corporate gift businesses such as http://www.solo.co.uk/. Instead, like its name implies, it is a clever diversion designed to infiltrate and destruct. Believing that this is however something the user wants, they will allow the program to run for a long period of time, allowing for a greater collection of information. A Trojan does not replicate automatically and cannot cause the scale of infection that viruses or worms can. Regardless, they now account for 74.46% percent of all computer infections.

Devious Methods Result in Increased Number of Infected Websites

In a media release published earlier this month, SWITCH announced they anticipate the amount of infected websites to increase in 2013. Over the first 3 months of the year, they discovered malware existing on 713 domains. This number represents an increase of 25% over the same number reported just last year. Since 2010, when the group began monitoring .ch sites for malware they’ve identified and contacted 5,439 domain owners. While the number of infected sites is increasing, so too are the devious methods of cybercriminals. Take for instance drive-by code. This is the installation of a malicious software that happens when it’s authorized by a user that doesn’t understand or is tricked to accept an installation by visiting a website, opening an email or clicking on a pop-up window. A simple click, in the belief that they are closing an advertisement, can start the download process. These types of code are designed to avoid detection and make it very difficult for domain name holders to delete it. There are currently plans at SWITCH to improve the information they can provide to assist in the removal of this code.

Switzerland Placed in Top Tier of Malware Safe Countries

Switzerland currently sits in third place internationally in terms of computer safety when it comes to malware protection. In Switzerland only 20.99% of computers are infected, in second place is Sweden with 20% and first place is Finland with 17%. The worst malware infections in the world, occurring in the first quarter of 2013, were in China with 53.4%, Ecuador at 41% and Turkey at 40,3%. Internet security is not 100% secure although preventative steps can provide a reasonable measure of safety. Weaknesses can include new vulnerabilities, human errors as well as previously unknown security holes. SWITCH recommends protecting websites by using strong passwords for the FTP account. Ensure all of the programs installed are kept up to date and check for malware and viruses on a regular basis.