Sophos, a world leader in protecting businesses against viruses,
spyware and spam, has revealed the top ten viruses and hoaxes
causing problems for businesses around the world during the month
of September 2005.
The report, compiled from Sophos's global network of monitoring
stations, reveals that Netsky-P, the worm written by convicted German teenager
Sven Jaschan, continues to head up the top ten, nineteen months
after it was first detected. Sophos reports that the average age of
the top ten viruses is eight months, demonstrating that a large
number of users are still being complacent about installing and
updating their virus protection.
The top ten viruses in September were as follows:
At the top of the chart, Netsky-P has risen in prevalence for
the second consecutive month, from 14.7% to 18.6% - there has also
been an increase in reports of other old-timers Zafi-D and
Netsky-D. With a growing number of targeted threats being written
for financial gain, Sophos is seeing a drop in mass-mailed attacks,
allowing for the more established email viruses to maintain their
prominent position in the top ten. Sophos first issued protection
against Netsky-P on March 22, 2004. Variants of the Mytob worm,
which was first identified in March 2005, continue to account for
around half of all viruses reported in September.
"Netsky-P's continued dominance raises serious questions about
the level of security currently deployed by some PC users," said
Carole Theriault,
senior security consultant at Sophos. "Businesses and home users
alike have had nineteen months to update their software, but an
alarming number still obviously haven't got round to it. There's no
doubt that greater education is needed to alert users about the
severe security risks posed by such lax behaviour."
The Netsky-P worm spreads via email and internet file-sharing
systems, and has to tempt PC users into launching an infected file.
The news that individuals are continuing to fall for this trick and
downloading infected files coincides with a recent Sophos survey, which
revealed that 79% of IT professionals believe employees are putting
their organisations at risk by failing to act safely online.
"Not only must firms ensure that they keep their virus, spyware
and spam protection updated, but IT managers have to start
enforcing strict security policies to ensure employees don't
jeopardise that protection through reckless online behaviour,"
added Theriault. "Smaller, targeted attacks are on the increase,
with the emergence of a new breed of financially-motivated online
criminal. The concern is that if users continue to combine unsafe
computing practices with outdated threat protection, they'll be a
soft target for this new form of attack."
On a positive note, there has been a further drop in the number
of infected emails - the fifth drop in successive months. Sophos's
research shows that 1.53%, or one in 65 emails, circulating in
September were viral, while Sophos identified and protected against
1,233 new viruses during the month. The total number of viruses
Sophos now protects against is 110,457.
In order to minimise exposure to viruses, Sophos recommends that
companies deploy a policy at their email gateway which blocks
unwanted executable attachments from being sent into their
organisation from the outside world. Companies should also run
up-to-date anti-virus software and firewalls, and install the latest
security patches.
The top ten hoaxes reported to Sophos during September 2005 were
as follows:
"While it's another month at the top for the Hotmail hoax, it's
encouraging to see that the ICE virus hoax has fallen by five
percent in the last month, as life in London continues to return to
normal following the July terrorist attacks," said Theriault.
Sophos has made available a free, constantly updated information feed for intranets and
websites, so users can always find out about the latest
viruses and hoaxes.
Graphics of the above top ten virus chart are also available.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.