MoMusings

Back in the days of the start of the malware threat; that’s 1986 for those of you too young or too disinterested to remember, we had a grand total of ‘three‘ computer viruses. So few you could count them all on one hand and have change to spare. Oh, those were the days!

Even in 1990s I knew most [if not all] the names and behaviours of all the viruses and other malware known. In comparison, I’m lucky if I can do the same for more than around 5 percent of all known malware today; there are just too many, and lots of them are very similar.

The ones I do remember are often those that do something interesting; such as have an unusual payload, use a new social engineering trick or target a previously safe file format or device as an infection vector.

So, why am I waffling on about the ‘old-days‘, am I just getting old and harking back to what I thought were better days?

No, of course not, things weren’t always better in the past, and anyone that says they were has a very selective memory.

The reason for this post is to highlight the fact that we’ve just broken through the 200,000 malware ceiling!

That’s right, there are over 200,000 pieces of nasty software which have been written by individuals for a variety of reasons, these include:

• The challenge
• Peer pressure
• The fun of it
• To hit back at society
• For political or religious gain
• For money
• For fame
• To get a job

There are lots of others and I’m not going to list them all here.

What is even more remarkable is that it took almost eighteen years for the number of malware to get to just half the current total. Yes, that’s right in the last two years the malware numbers have doubled!

Here’s a quote from McAfee about the growth:

“It’s remarkable that it took 18 years for our database to reach 100,000 malicious threats, and just under two years to double to 200,000,” said Stuart McClure, senior vice president of research and threats, in a statement. “Hackers are releasing threats faster than ever before, with 200 percent more malicious threats per day than two years ago.” McAfee added the 100,000th threat to its database in September 2004.”

At the current pace — 2006 should see more than 60,000 new threats, up from the 56,000 during 2005 — the 400,000 barrier should be broken in under two years, McAfee said.

My own statistics which I’ve maintained since 1986 show that McAfee had 100,191 malware detection signatures in their product by the end of August 2004, so who is right? Please bear in mind that McAfee asked me to supply some virus growth data as they didn’t have data for some months and years in their database.

Below are a couple of graphs created from my own database showing the growth over the years:

The first one shows the ‘running total‘ of malware:

The second one shows the ‘actual growth per year‘ of malware:

The worrying thing is that the pace of malware development and release is still accelerating, and we could see almost the ‘half-a-million‘ mark breached within 24-30 months from now. I no longer consider the phenomenal growth of these threats a milestone, I see it for what it really is a ‘millstone‘ round all of our necks.

This threat is holding computers and the internet back, threatening their very use, and potentially causing may to shun not only e-mail but the internet as a whole. If the bad guys and girls[1] get their way we will lose one of the greatest tools ever devised by human kind. It is time to stop glamorising these ‘criminals’, punish them don’t worship them. They are not Gods but those who would rather pervert or destroy instead, and what for? Their own petty egos or money of course; for glory or wealth, how selfish!

What do you think should be done to address the problem with those that create malware, run scams or spam us all?

[1] I include not only malware authors in this group but also the scammers and spammers.