BOSTON, Jan. 22 /PRNewswire/ -- Sophos, a world leader in threat management solutions, has published its Security Threat Report 2007, examining the threat landscape during the previous twelve months, and predicting malware and spam developments for 2007. The report reveals that the U.S. hosts more than one third of the websites containing malicious code identified during 2006, as well as relays more spam than any other nation.

Notable findings from Sophos's Security Threat Report include: - 90% of all spam is now relayed from zombie computers - U.S. maintains top slot for relaying majority of spam (22%) - Sophos detected 41,536 new pieces of malware in 2006 (total protected against 207,684) - Trojans now outnumber Windows viruses and worms by 4:1 - The percentage of infected emails declined from 1 in 44 in 2005 vs. 1 in 337 in 2006 TWO COUNTRIES RESPONSIBLE FOR MAJORITY OF WEB-BASED MALWARE

With the U.S. and China representing nearly two-thirds of such threats, the top ten countries hosting web-based malware during 2006 were:

1. United States 34.2% 2. China 31.0% 3. Russian Federation 9.5% 4. Netherlands 4.7% 5. Ukraine 3.2% 6. France 1.8% 7. Taiwan 1.7% 8. Germany 1.5% 9. Hong Kong 1.0% 10. Korea 0.9% Others 10.5%

"The U.S. market is undeniably a target for online criminal activity. More and more, organizations with U.S.-based websites are falling victim to targeted attacks," said Ron O'Brien, senior security analyst for Sophos. "Anticipating this trend, Sophos released the first all-in-one web control platform, the WS1000, earlier this year in an effort to give companies the ability to provide trusted content security, application control and URL filtering in a single appliance solution."

DIRTY DOZEN SPAM-RELAYING COUNTRIES

In addition to hosting the largest number of malicious websites, the U.S. continues to top the list of worst spam-relaying nations. While the U.S. has made progress in its efforts to reduce spam-relaying statistics, there was still more spam sent from U.S. computers in 2006 than any other single nation.

The top twelve spam-relaying countries during 2006 were: 1. United States 22.0% 2. China (including Hong Kong) 15.9% 3. South Korea 7.4% 4. France 5.4% 5. Spain 5.1% 6. Poland 4.5% 7. Brazil 3.5% 8. Italy 3.2% 9. Germany 3.0% 10. United Kingdom 1.9% =11. Russia 1.8% =11. Taiwan 1.8% Others 24.4%

Sophos experts note that up to 90% of all spam is now relayed from zombie computers, hijacked by Trojan horses, worms and viruses under the control of hackers. This means that they do not need to be based in the same country as the computers being used to send the spam.

EMAIL THREATS DECLINE WHILE MALICIOUS WEB CONTENT CLIMBS

Sophos found that the most prolific email threats during 2006 were the Mytob, Netsky, Sober and Zafi families of worms, which together accounted for more than 75% of all infected email. However, Sophos predicts that 2007 is likely to see a significant shift away from the use of email security threats, with cyber criminals instead looking to exploit the continued global growth in web use, as well as user-defined web content.

Email will continue to be an important vector for malware authors, though the increasing adoption of email gateway security is making hackers turn to other means for infection. The number of websites being infected with malware is on the rise. SophosLabs(TM) is currently uncovering an average of 5,000 new URLs hosting malicious code each day.

"Cyber criminals are seeking new ways to distribute malware and the web seems to be the logical environment as mounting applications and social sites keep end users active on the internet," continued O'Brien. "From streaming audio/video to file-sharing sites online, businesses face a growing challenge of protecting their networks. In turn, companies must incorporate web security into their overall IT security strategy to compete in today's web- based world."

TROJANS TAKING OVER FROM SPYWARE

During 2006, Sophos saw a decline in the use of traditional spyware, in favor of multiple Trojan downloaders. The hacker sends a 'special offer' (or similar) email in an attempt to trick recipients into visiting a website containing a malicious downloader. The executable file will attempt to download additional Trojans, a process that may be repeated multiple times to try and disable all security defenses, before it downloads a spyware component - which will then have a better chance of success.

Statistics reveal that in January 2006 spyware accounted for 50.43% of all infected email, while 40.32% were emails linking to websites containing Trojan downloaders. By December 2006, the figures had been reversed, with the latter now accounting for 51.24%, and spyware-infected emails reduced to 41.87%. This trend is anticipated to continue into 2007 and beyond.

MALWARE TYPES DIFFER ACCORDING TO LOCATION

Sophos notes that 30% of all malware is now written in China, most of it taking the form of Trojans used for gaining a backdoor into users' computers. Surprisingly, 17% of malware written in China is designed for the specific purpose of stealing passwords from online gamers. In contrast, malware authors based in Brazil are responsible for 14.2% of all malware, the majority of which is designed to steal information from online bankers.

Sophos detected 41,536 new pieces of malware in 2006, bringing the total protected against to 207,684. Of these threats, Trojans now outnumber Windows viruses and worms by 4:1. The proportion of infected emails decreased from 1 in 44 during 2005 to just 1 in 337 during 2006.

The Sophos Security Threat Report 2007 can be downloaded from: http://www.sophos.com/securityreport2007.

To listen to the latest Sophos podcast, which discusses the report and the threat landscape for 2007, please visit: http://www.sophos.com/podcasts.

About Sophos

Sophos is a world leader in integrated threat management solutions, protecting against known and unknown malware, spyware, intrusions, unwanted applications, spam and policy abuse for business, education and government. Sophos's reliably engineered, easy-to-operate products protect more than 35 million users in more than 150 countries. Through 20 years' experience and a global network of threat analysis centers the company responds rapidly to emerging threats - no matter how complex - and achieves the highest levels of customer satisfaction in the industry. Sophos is a global company co- headquartered in Boston, Mass., and Oxford, UK. For more information on Sophos, visit http://www.sophos.com/.

For More Information Contact: Lisa Coulouris Jennifer Torode Racepoint Group Sophos (781) 487-4612 (781) 494-5885 lcoulouris@racepointgroup.comjennifer.torode@sophos.com

CONTACT: Lisa Coulouris of Racepoint Group, +1-781-487-4612, or
lcoulouris@racepointgroup.com; or Jennifer Torode of Sophos, +1-781-494-5885,
or jennifer.torode@sophos.com

Web site: http://www.sophos.com/
http://www.sophos.com/securityreport2007
http://www.sophos.com/podcasts