Where have all those malware epidemics gone?

It’s been years since we last heard of any large worm epidemics. Does it really mean that malware epidemics have gone away for good?

Anyone older than 25 probably remembers those huge worm epidemics; they looked absolutely apocalyptic. For instance, the SQL Slammer worm crippled the Internet in its entirety in late January of 2003, almost cutting off large swaths of the Web, such as in South Korea. The worm hit most of its 75 thousand victims within ten minutes. It was like a tornado wreaking havoc globally.

There were few equally powerful epidemics before and after that, but, personally, I remember ILoveYou/LoveLetter, Anna Kournikova, Code Red, Melissa – all of them occurred in the late 1990s and early 2000s. It all reminds me of the Simon & Garfunkel song: “Time it was, and what a time it was…”

Suddenly, however, they all seemed to go away. When was the last time we heard about some global malware epidemic? Nothing comes close to what Slammer did, or to the damage which ILoveYou caused: it was estimated that it cost the US $15 billion to remove the worm, while overall it hit about 45 million computers globally.

Where are they now? Looks like malware of that scope is history now. Why? Many reasons could be given, some bring solace and some don’t.

The first “good” reason is that most of those worms were exploiting multiple flaws in Microsoft Windows. Microsoft, since then, has improved the quality and security of its products, so another Slammer seems rather unlikely.

The second reason is that security vendors learned lessons as well: behind the scenes there is a permanent arms race between malware authors and malware busters. A proactive approach to security is the result of this effort.

The third reason is that users tend to become smarter: having at least some sort of protective solution on a PC is common now. However, the situation is not the same on mobile devices.

There is, however, a fourth, darker reason. The malware itself changed, as did the malware authors’ goals. Profit motivates malware creators now.

There is probably still a way to nuke the entire Web into shambles: this guess is pretty educated, given the Heartbleed discovery earlier this year. Just imagine something “Slammer-like” exploiting this flaw. Or recall a well-prepared DDoS attack on the Internet root DNS servers that happened almost exactly 12 years ago. They were hit by “thousands” of malware-infected PCs, but modern botnets may account for millions of boxes, ready to serve a next-to-unlimited supply of trash traffic to any target.

Yet another attack took place in 2007, albeit less successful.

Such would-be attackers will have a hard time trying to black out the entire Web today; here’s the explanation why.

But would these global attacks bring any profit? Nope. Neither did Slammer or other worms that spread globally. Perhaps, those worm authors received their share of glory in the blackhat underground, although it’s quite surprising that the real author(s) of Slammer is (are) still unknown.

Today’s blackhats don’t work just for this twisted kind of glory and demonstration of destructive power of their creations. They want your money.

And they have many tools for this. Trojans, backdoors, malicious sites that inject your PC with malware via browser flaws, social engineering, fraud and whatever else to get to other people’s and businesses’ finances via their PCs and mobile devices.

Android, the most common mobile OS today, is often considered to have the same issues as Windows had 10-15 years ago. However, today’s security problems and challenges are different because in the 2000s cybercriminals were mostly just vandals, but now those script-kiddies have grown into full-sized professional thieves and robbers. So the owners of insecure mobile devices, as well as businesses employing BYOD without additional security measures, are in greater danger than users of antivirus-less Windows 98 back in the day.

It would be wrong, however, to state that large-scale infections have gone away completely: huge botnets consist of numerous malware-infected PCs, thus they are the closest counterpart to the old-time epidemics. It’s just the malware “agents” that are different.

And the criminals’ intent.
