Slight fall in number of malware cases: trend towards new techniques

Some 2,700 Swiss websites were cleaned of malware in 2013. While this represents a slight fall compared with 2012, SWITCH stresses that malware continues to pose a threat to Internet users and will give rise to new challenges in 2014. Almost 10 million new types of malware were discovered worldwide in 2013.

Published on 05.02.2014

According to the Threat Landscape 2013 report by the European Union Agency for Network and Information Security (ENISA), "drive-by downloads" are the biggest current cyber-threat. Malware includes viruses, spyware, worms and Trojans. Hackers gain access to a website using stolen or decrypted passwords. Simply calling up an infected site can result in harmful software being installed. 

Lucrative business model with new techniques

Never before have so many new types of malware been distributed. Techniques for infecting websites are becoming ever more refined. Harmful software usually reacts to new security vulnerabilities within hours to gain access to documents, log keystrokes or copy passwords, which are then sent to cybercriminals’ servers. Since harmful code is being hidden on websites in increasingly effective ways, it is becoming harder and harder to disinfect them, making the malware business model more lucrative.

Problem widely known

The problem of infected web servers hosting drive-by downloads is now widely known both internationally and within Switzerland. Excellent cooperation with Swiss hosting providers makes it possible to take decisive action against infected servers. "Criminal prosecution authorities around the world are also actively dealing with the people behind malware, as last year’s arrest of the author of the notorious Blackhole exploit kit proves", confirms Michael Hausding from SWITCH’s Security department.

Established disinfection process

When SWITCH identifies malicious software, it informs the domain name holder, who has 24 hours to remove the harmful code. If this deadline is not met, the website is blocked to prevent any further damage. Harmful code was removed immediately in almost 2,100 cases in 2013. A total of 35 domains were deleted after the operators failed to respond, and the authorities were notified in one case. SWITCH has identified 7,469 cases of malware since the process was introduced in 2010. By cleaning infected websites of malware, SWITCH helps to ensure the security and stability of the Internet in Switzerland.

ENISA report Threat Landscape 2013:

As a partner of the universities, SWITCH brought the Internet to Switzerland 25 years ago. Today, the non-profit organisation with 100 employees at its headquarters in Zurich develops Internet services for lecturers, researchers and students, as well as for commercial customers. SWITCH stands for security on the Internet. 
