Malware plague hits 40 per cent of firms

Malware is now the FBI's number three priority behind counter-terrorism and counter-intelligence

Nearly half of companies globally have suffered a business disruption owing to malware, according to Webroot Software's latest State of Internet Security report. 

The organised nature, rapid growth and severity of cyber-crime has pushed it to the FBI's number three priority behind counter-terrorism and counter-intelligence. 

Webroot's research discovered that 4.2 million, or 1.7 per cent, of 250 million URLs around the world harbour malware. Almost three million of these malicious sites were discovered in 2006 alone.

"Our research has shown that the methods of infection, which just a short time ago were considered incredibly advanced, are now commonplace, demonstrating how quickly today's threats are evolving into a global security concern," said Webroot chief executive Peter Watkins.

"Despite the growth and severity of malware, over 60 per cent of businesses do not have an information security plan. Businesses need to control this threat by adequately protecting themselves and their customers."

The study also found that over 40 per cent of the companies surveyed reported business losses from a variety of spyware-related issues.

The most unsettling finding is that 26 per cent of enterprises reported that confidential information had been compromised as a result of spyware.

At the heart of this alarming trend is the rate of spyware infection. Some 39 per cent of companies reported Trojan attacks, while 24 per cent reported system monitor attacks and 20 per cent pharming and key-logger attacks.

The latest report from the Small Business Technology Institute found that 20 per cent of companies do not have adequate virus protection, despite the growing threats and the legal and regulatory compliance legislation. 

It also found that two-thirds of companies do not have an information security plan, and many only make a security decision after suffering a damaging information security incident.

"It is obvious from this research that businesses worldwide are operating under a false sense of security," said Watkins.

"Because of the impact on corporate revenues and reputation that unprotected users can cause, proactive security should be a top priority for every company. "