Malware levels reach record high in Q2

Crooked internet registrations are one of the major causes of cyber crime today

Malware reached its highest ever levels in the first half of this year, according to new stats from McAfee, which has urged the industry to go on the offensive in the fight against cyber criminals.

The McAfee Threats Report: Second Quarter 2010 (PDF) recorded six million malicious files during the quarter, making a total of 10 million for the first six months of the year.

USB-borne malware, fake anti-virus software and social media specific malware were the most popular of the 55,000 new threats discovered every day on average.

Unsurprisingly, World Cup related scams and blackhat search engine optimisation attacks also peaked in the quarter.

"It is obvious that cyber criminals are becoming more in tune with what the general public is passionate about from a technology perspective, and using it to lure unsuspecting victims," said Mike Gallagher, chief technology officer of global threat intelligence at McAfee.

"These findings indicate that not only should cyber crime education be more widespread, but security organisations should move from a reactive to a predictive security strategy."

This more offensive strategy, as outlined in the McAfee Security Journal, requires more proactive law enforcement and a more cohesive approach by the security community.

Botnet takedowns, end-user education and greater information sharing between computer users, security professionals and administrators, are all important aspects, said McAfee.

The vendor also urged the use of increased fines and the public disclosure of cyber criminals' names in order to make it more difficult to generate money from such scams.

Finally, McAfee laid a large chunk of responsibility at the feet of the Internet Corporation for Assigned Names and Numbers, which it said should take a stronger stance on cyber crime because it is responsible for approving the registrants that sell the domains used to host malicious sites.

The calls echo those made by the Serious Organised Crime Agency earlier this year, when it highlighted the problem of DNS abuse, calling for a "minimum standard for registrations".