Posted by David Harley on December 15, 2015.
Counting malware: *”How do I loathe thee? Let me count the ways…”
Well, apparently we’re counting less. According to Kaspersky via SC Magazine, the daily total of new malware files detected fell in 2015 from 325,000 to 310,000. According to Phil Muncaster for Information Security, Intel/McAfee have reported a 4% overall drop in malware levels over Q3.
Sean Sullivan, for F-Secure, apparently commented by email on the disparity with AV-Test’s figures: I guess he was referring to the statistics quoted here, where AV-Test say they register ‘over 390,000 new malicious programs every day.’ (Though below that statement, the bar chart for new malware does hint that there might be an overall drop when the figures for the whole of 2015 are in.)
I actually prefer Sean’s other comment – as quoted by SC Magazine – that ‘…“counting” malware is a strange business’.
When I wrote about the difficulties of comparing statistics between companies I was most concerned with addressing the issue of disparate naming rather than overall sample numbers. (I was thinking about security companies, too, but it applies to testing organizations too.) Nevertheless, there are certainly comparison issues with the definition and classification of ‘new’ samples across a wide range of families and types. Inevitably, you can’t be sure that companies aren’t counting apples, oranges, grapes and melons in one big bucket, aiming to demonstrate how they’re finding and therefore detecting more samples than anyone else.
Perhaps Information Security (the magazine and the industry) is on safer ground when it refers to more specific trends (as flagged by McAfee). Perhaps the most interesting (if disquieting) from my point of view is the assertion that ransomware ‘…grew 155% year-on-year thanks to the ready availability of low-cost ‘ransomware-as-a-service’ tools on the darknet.’
*Shamelessly misquoted from Elizabeth Barrett Browning’s Sonnet 43 from ‘Sonnets from the Portuguese‘Submitted in: David Harley |