by Constantine von Hoffman

Research Roundup: Less Spam, More Mobile Malware and a Third of all Site Traffic Poses a Threat

Feb 23, 20122 mins
CybercrimeMalwareMobile Security

2011 was a record-setting year for attacks on smart phones and tablet computers.

Content scrapers, hacking tools, content spammers and an array of other “spies” make up nearly a third of all traffic at most websites, according to a new report. The report, from web security firm Incapsula, says that non-human traffic makes up 51 percent of the total traffic to a site. Some of that is benign – two-fifths of the non-human stuff is good bots like search engines. The rest is designed to damage your site or steal your information. The data was compiled from a sample of one thousand websites of Incapsula customers, with an average of 50,000 to 100,000 monthly visitors.

There’s less spam and PC malware. The last quarter of 2011 saw spam levels at their lowest point in years, especially in the United Kingdom, Brazil, Argentina and South Korea, according to McAfee. Also, PC-based malware actually declined during the last three months of the year, and is significantly lower than in 2010. Unfortunately …

Last year saw increased malware for smart phones and tablets. Reports by both McAfee and Juniper Networks found last year was a record-setting year for mobile malware. No surprise that as Android has the biggest market share it is also the most popular target.

According to the McAfee report:

Contributing to the rise in malware were rootkits, or stealth malware. Though rootkits are some of the most sophisticated classifications of malware, designed to evade detection and “live” on a system for a prolonged period, they showed a slight decline in Q4. Fake AV dropped considerably from Q3, while AutoRun and password-stealing Trojan malware show modest declines.

Companies can’t keep up with malware threat. Ninety five percent of all enterprises are exposed to malware on a daily basis, according to security firm FireEye. The volume and sophistication of threats is outpacing businesses’ ability to counteract these risks despite an estimated $20 billion spent annually on IT security.