Do Computers Have a Flu Season?
January 16, 2013
We often talk about the flu season (which is supposed to be the worst on record right now). But did you ever wonder: is there a computer flu season? Is there a point in time when your computer is more at risk than normal, or is security always something to worry about?
We wondered, and we dug into some raw data to find out.
We began our research with the McAfee Quarterly Threats Reports. If you’ve never read one, these reports provide a great snapshot of the IT threats landscape, pointing out where trends are developing in the world of malware. We highly recommend them.
The last quarterly report for 2012 hasn’t been released yet, but we do have complete figures for 2009 through 2011. Here’s how malware grew in total for that three year period:
Going by the total infection rate, nothing’s changed in the last few years (except total number). Every year grows at a steady rate, building on the previous year’s crud. But this graph just reflects total malware: how much new stuff is getting released per year?
We can see from this graph that there’s a lot more variance in the amount of new malware that gets released each year as opposed to strictly looking at the sum total. Whereas the total number keeps climbing, the amount of new bugs has actually shrunk in the past.
That’s a good thing, since antivirus works a lot like the flu vaccine. Because different flu strains come to prey on us every year, the vaccine has to constantly change to keep up. New malware requires antivirus companies to develop new updates to fight off the threats, whereas old bugs that have been discovered are patched and can’t cause as many problems.
In 2011, the amount of new computer malware released steadily declined; accordingly to McAfee, new bugs accounted only for about 18% of total malware. The downside to this trend? Mobile malware rose during the same time period.
All of this data agrees with what we experience with our clients. We typically don’t see any particular time of year when malware is more common. What we do see after a new vulnerability crops up is a period of 1 to 2 weeks during which the antivirus companies figure out how to defend against it, and before people get their software updates. That’s the danger time for IT security: prior to the inoculation’s availability.
Actually, because of how well antivirus companies and their “vaccines” have gotten, the traditional view of a computer virus is a misnomer now. Most of the attacks today are based on exploiting security vulnerabilities already found in software (such as the recent JAVA scare).
The other major way bad guys get into a system is when someone is tricked into opening the gates to the IT fortress (known as social engineering). Here’s an example: you’re researching something for your next work project, and a shiny popup plasters your screen, maybe claiming you’ve won a prize or that you need a new antivirus program. Clicking on the popup gives that program permission to bypass your computer’s protections; in essence, you’ve just given the virus permission to steal your computer.
Quick tip: the next time that happens, try pressing ALT + F4. That should get rid of all open windows without downloading anything dangerous.
What does all this data say to us? IT security isn’t a one-time concern, or limited to your work machine: it’s something you need to proactively plan for across your entire business.