Energy Industry a Top Target for Malware, Study Warns

A report released Tuesday from ScanSafe, a Software as a Service (SaaS) Web security provider, highlighted the energy industry as facing a high risk of exposure from Web-based malware. Companies within that sector have a 189 percent higher risk than other sectors of the economy, according to the security firm's findings.

The pharmaceutical and chemicals industries have the second-highest risk of exposure, and the construction and engineering sectors followed at 181 and 144 percent, respectively.

Overall, ScanSafe found that the users it surveyed for the study faced a 553 percent increased rate of exposure in the third quarter of 2008 compared to the fourth quarter of 2007.

"The results of [this] analysis were pretty disturbing. The verticals that experienced a higher than average rate of exposure were those companies engaged in the energy and oil sector, pharmaceutical and chemical, and the engineering and construction industry, followed by transportation and shipping, media and publishing, travel, education, food and beverage, and finance," said Mary Landesman, senior security researcher at ScanSafe.

"Given the global impact of the energy and oil sector, it is particularly troubling to see that this sensitive sector is at the highest risk of Web-based malware," she noted. "And when one considers the top three most at-risk sectors include energy, chemicals and engineering, one has to question whether these encounters are incidental or whether these particular sectors are under attack."

Risky Business

Since the first and third quarters of 2008, the volume of actual malware blocks increased 338 percent, according to ScanSafe. The company recorded the highest number of malware blocks in July, driven by ongoing SQL injection attacks as well as a boost in socially engineered malicious e-mail .

The number of backdoor and password-stealing Trojans -- malware that can put corporate data at risk -- increased by 267 percent between January and September.

The report also found that nearly three-quarters of malware blocks discovered in the third quarter came from visits to compromised Web sites. Curbing these infections is a particularly challenging issue for corporations since the attacks are delivered silently and carried out through legitimate and often well-known sites.

The gap between zero-day Web-based malware and signature-based scanners also increased in September. ScanSafe found that 31 percent of malware blocks were zero-day and were not detected by signature-based scanners at the time of exposure.

Aviation, Automotive Safer

Not all the findings were grim, however. The report also found that government agencies scored a 0 percentage of risk from malware -- meaning the sector has neither a higher nor lower rate or exposure when compared to other sectors. The aviation and automotive sector had the lowest rates of exposure at -65 percent relative to other industries.

While overall risk has increased for most sectors over the course of 2008, Landesman told TechNewsWorld that the increase is not affected by the time of year or the approach of the holiday season.

"Malware is not a seasonal product. Rather, it is profit-motivated. The type of malware is largely dependent on what the attackers hope to accomplish and not tied to the time of year," Landesman said.

When the Web Attacks

Network security has traditionally focused on securing an organization's perimeter. However, Web sites are easy to set up and rather inexpensive, said Chris Rodriguez, a Frost & Sullivan analyst.

"As a result, Web sites and Web applications are everywhere and are untested [and] insecure. Worse still, this communication medium is available 24/7 and requires ports 80 and/or 443 to be open to the general public. Also, Web applications are usually integrated with sensitive back-end infrastructures -- servers and databases. This presents a glaring weakness in the security perimeter of even the most secure organizations," he told TechNewsWorld.

All companies should be concerned about their network security, said Beth Jones, virus researcher at SophosLabs.

"Web-based threats are a risk [and] attacks are on the rise. We see a Web site infected every five seconds, and of those, 83 percent are legitimate Web sites," she told TechNewsWorld.

"We often talk to customers how important having several layers of security are to their business. We strongly encourage not only having endpoint solutions, such as anti-virus and firewalls, but gateway and Web solutions and network access control. Of course, patching all machines on the network, whether they are Microsoft (Nasdaq: MSFT) or Linux or Mac, can't be stressed enough," Jones continued.