The quarterly publication of the International Legal Technology Association
Issue link: https://epubs.iltanet.org/i/7599
BEST PRACTICES

Several years ago, some industry analysts predicted that viruses and other forms of malware would soon become a trivial problem. They couldn't have been more wrong. Over the past few years, there's been a sea change that's largely gone unnoticed. The Internet is rife with malware, and the repercussions of being infected are more serious than they were before.

There are more than 30,000 new malware variants each day, and valid commercial sites are routinely hacked to foist this malicious software on unsuspecting visitors. The payloads are designed to do things like steal banking credentials, use the infected computer to distribute spam, get the user to pay for fake antivirus software — anything that can ultimately generate a profit for the creator.

The criminals behind this are aggressively finding and exploiting vulnerabilities in software that enable the malware to install without user interaction. (One such vulnerability in Internet Explorer was used to attack at least 34 corporations, including Google and Adobe. A patch was released in late January.) They are also using flaws in website security to help them with delivery.

A few weeks ago, one of our lawyers was trying to visit the website of a small law firm in Washington, D.C. Each time she tried, she got a pop-up saying her computer was infected, and she didn't understand why. As it turns out, the website had been hacked to redirect traffic to a malicious site hosting the fake antivirus software.

The sheer volume of new malware has seriously eroded the effectiveness of traditional antivirus software in preventing infections; the vendors just can't create that many signatures fast enough. It also makes it next to impossible for vendors to provide descriptions of what a particular piece of malware does or how it spreads.
That means if you do get infected, you won't know what your collateral damages are (documents stolen, banking credentials revealed) or how to prevent the virus from spreading from one computer to another within your network. It's now all the more important to prevent infection in the first place.

So, how do we prevent infection in this hostile environment? Several things can help:

• Don't just rely on end-point protection. Make sure you have robust Web content filtering in place to help block the malware before it gets anywhere near your computers. This product space has changed significantly in

The Internet: Something Wicked This Way Has Come

[Figure: Malware Detections by Country/Region (per 1000), Jan '09 - July '09. This map illustrates the infection rates of locations around the world, expressed in a metric called CCM that represents the number of computers cleaned per thousand executions of the Malicious Software Removal Tool (MSRT). For example, a region colored yellow would have an infection rate of between 7 and 10 computers per 1,000 executions of the MSRT. Image: Microsoft Security Intelligence Report (SIR), www.microsoft.com/sir]