Microsoft on Monday revealed the results of a 15-month test of its Malicious Software Removal Tool. The utility that seeks out and destroys malware reported malicious programs, or bots, on six out of 10 Windows computers it examined.
Microsoft made the announcement at the Tech Ed conference in Boston, leaving little doubt that bots are pervasive on the Internet. Bots are automated programs that scan systems and Web sites. Search engine spiders that crawl the Web are good bots, but hackers use this same technology to control PCs so they can spread spam, attack Web sites or steal a victim’s identity.
“The malware environment out there is worse than most people even dream of,” Mike Murray, director of vulnerability research for nCircle, told TechNewsWorld. “This report underscores the need for people to understand their security and the need for vendors to work towards security as a goal of their product.”
Microsoft scanned 5.7 million consumer and small business PCs on which its Malicious Software Removal Tool was installed between January 2005 and March 2006. The results reveal that about 20 percent of the participating PCs had been cleaned, then re-infected, typically with a different kind of bot.
In addition, about 35 percent of the bots were installed after victims opened e-mail or IM attachments, or downloaded data files from peer-to-peer networks. The majority of the remaining bots spread without any required action by the victim.
At least one “backdoor Trojan,” a malicious computer code secretly installed onto PCs, was discovered on 3.5 million computers. That’s 62 percent. Most of the backdoor Trojans functioned as bots communicating over a private messaging channel to a remote attacker.
The malware problems are just going to continue escalating until the security community takes more aggressive steps to seek remedies, Murray said, and until consumers get more active in protecting themselves.
“Fundamentally, market conditions don’t change until consumers make them change. People today use whatever IM client their friends are on without regard to its security,” he noted. “Until the users are educated on the need for security and how security should affect their buying decisions it’s just going to keep getting worse.”
Murray points to Microsoft’s improvements. Microsoft security grew worse for several years before customers finally expressed outrage that caused the software giant to invest more research and development dollars on security solutions.
“Even though there are a lot Microsoft security advisories today, none of them are as severe as the vulnerabilities we saw two years ago,” Murray said. “Microsoft has done an excellent job making its products more secure because its customers said they had to. That has to start happening across the board.”
Security Starts at Home
Since vulnerabilities are less severe, hackers are relying on social engineering — strategies that entice victims to welcome the bots, Trojans and worms by opening a file or clicking a link — to get on the inside of the PC. That’s why consumer education is so key to preventing the problem.
“It’s important for consumers to make decisions to enhance their security rather than making most expedient choice that allows them to do whatever they want to do,” Murray noted.