20 percent of all malware created was coded in 2013

Malware may have reached its 25th anniversary last November, but research just published claims that 20 per cent of all malware ever created was coded last year.


The study comes from Panda Security and the headline statistic works out as the equivalent of 82,000 malware threats per day throughout 2013.

Delving into the annual report reveals that more than seven in 10 of the new threats seen in 2013 were Trojans - with 21 million new variants popping out of the ether during the year. Worms, meanwhile, accounted for 13.3 per cent and viruses 8.49 per cent of the year's pile of coding misery for IT users.

PandaLabs - the security vendor's research arm - singled out the major data breach at Adobe last October as a key event of the year. As widely reported at the time, source code for several Adobe applications - as well as the credentials of 38 million users - was exposed.

Nigel Stanley, CEO and principal consultant with Incoming Thought, said that the tidal wave of malware - which shows no sign of abating - indicates that the cyber-criminal business model is still succeeding. 

"It shows us that cyber-crime is still a very viable business, with the return on investment on creating malware clearly reaping dividends for everyone involved," he said. 

"Our observations suggest that the malware volume trend is definitely on the up, and it's only going to get worse when Windows XP goes end-of-life next month - at which point Microsoft will cease to provide updates. And that's before we even begin to talk about the impending Internet of Things, where all our devices, from the kitchen fridge upwards, are connected to the net," he said.

So does Panda's annual report for 2013 truly reflect the status of the security sphere? SCMagazineUK.com polled several industry luminaries for their observations.

Jaime Blasco, director of AlienVault Labs, was sceptical, pointing out that the analysis does not mean that malware authors are creating 82,000 new malware threats every day, as the number gets impacted by the use of tools that slightly modify the malicious files – effectively making them unique. 

"And again, it doesn't mean that security companies have to deal with 82,000 new malware threats per day. That being said, I have to agree that the number of samples has been increasing steeply in the last few years and it makes our work more challenging," he said. 
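Blasco's point about per-file counts can be made concrete. The following Python sketch is an added example, not taken from Panda's report or from anyone quoted here: it counts a constructed corpus once by SHA-256 and once by byte-level similarity. The corpus (random stand-in blobs, not malware), the 4-byte shingle size and the 0.8 threshold are assumptions chosen for illustration.

```python
import hashlib
import random


def shingles(data: bytes, n: int = 4) -> set:
    """Overlapping n-byte substrings, used as a content fingerprint."""
    return {data[i:i + n] for i in range(len(data) - n + 1)}


def jaccard(a: set, b: set) -> float:
    """Share of fingerprints two samples have in common (0.0 to 1.0)."""
    return len(a & b) / len(a | b) if (a or b) else 1.0


def count_unique_hashes(samples) -> int:
    """What a per-file tally sees: every distinct SHA-256 is a 'new' sample."""
    return len({hashlib.sha256(s).hexdigest() for s in samples})


def cluster_families(samples, threshold: float = 0.8):
    """Greedy clustering: join the first family whose representative is similar."""
    families = []  # each entry: (representative shingles, member indexes)
    for idx, sample in enumerate(samples):
        fingerprint = shingles(sample)
        for representative, members in families:
            if jaccard(representative, fingerprint) >= threshold:
                members.append(idx)
                break
        else:
            families.append((fingerprint, [idx]))
    return [members for _, members in families]


def build_constructed_corpus(seed: int = 2013):
    """Constructed data: 3 random base blobs, each with 5 lightly altered copies."""
    rng = random.Random(seed)
    corpus = []
    for _ in range(3):
        base = bytes(rng.randrange(256) for _ in range(2048))
        corpus.append(base)
        for _ in range(5):
            variant = bytearray(base)
            for pos in rng.sample(range(len(variant)), 8):
                variant[pos] ^= 0xFF  # alter 8 of 2,048 bytes
            corpus.append(bytes(variant))
    return corpus


if __name__ == "__main__":
    corpus = build_constructed_corpus()
    print("unique SHA-256 values:", count_unique_hashes(corpus))
    print("similarity families:  ", len(cluster_families(corpus)))
```

All 18 files hash differently, yet they collapse into three families of six, which is the gap between a count of unique samples and a count of distinct threats.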

Over at Lancope, CTO Tim Keanini said that malware is an essential part of the adversaries' playbook, and that the exponential growth not only does not surprise him, but should be expected to continue on this non-linear path.

"I also think it is important that we interpret these numbers for what they are. In the early days of malware, the package was authored as a package start to finish but in this day and age, most of the distributions are delivered in kit form," he said.

"One can now pick and choose components of the malware from a very long list of options which results in a combinatorial number of different end products. On top of that, evasion techniques are parameterised so it is completely feasible for each malware from a common strain to have millions of different manifestations," he added.

"When you combine all of this with the introduction of the Internet of Things, where new platforms offer even more variations for malware, the numbers will get astronomical," he noted, echoing Stanley's observations.

Troy Gill, security analyst with AppRiver, said he found the claim that 20 per cent of all malware was created in 2013 somewhat difficult to believe at first.

"However, after reading the report it seems that the figure also refers to new variants, or 'variants of known malware conveniently modified to bypass security products.' Considering the latter statement, this makes the claim seem much more realistic," he said, adding that his research shows that 2014 - so far - has been a banner year for malware distribution.

"Only 77 days into 2014, we have already quarantined nearly as many emails containing malware as in the entire year 2013. Malware distributors are constantly modifying their malware to attempt to avoid detection," he explained.

Dana Tamir, director of enterprise security with Trusteer, an IBM company, said that the number of reported Java vulnerabilities jumped significantly between 2012 and 2013, adding that IBM's X-Force Threat Intelligence report indicates that - with this increase in vulnerabilities - there has been a significant increase in Java exploits as well. 

"This was a result of the discoveries of new zero-day vulnerabilities and the introduction of exploits into popular exploit toolkits," he said.