Nestled into a storefront at the top of San Francisco's tree-lined
Valencia Street is one of the city's top defenses in the war against
malicious-software infections: a computer repair shop owned by Del
Jaljaa.
People bring their infected computers to Jaljaa's San Francisco Computer Repair store
5 to 10 times a day, desperate for help restoring their devices to
working order. In the past few years malware has grown to be about a
third of his business. "It's our bread and butter," he said.
Getting computer infections more often? You're not alone.
Infections from malicious software -- harmful code that's also known
as malware and that includes things like computer viruses and worms --
are keeping repair specialists like Jaljaa busy, thanks in part to an
exponential rise in the types of malware hitting PCs. Malware detections
by AV-Test, a company that tests the effectiveness of antivirus
software, spiked in 2014 to more than 143 million, up 72 percent from
last year, according to a report released Thursday.
To put that in perspective: there was more malware found over the last 2 years than in the previous 10 years combined.
Other malware watchers, such as security-software makers Malwarebytes and Kaspersky, have noticed similar trends.
Kaspersky saw four times more mobile malware attacks in 2014 than the
year before, said Patrick Nielsen, a researcher with the company.
For years, antivirus software blocked malware based on the malicious
software's code. But would-be hackers found a way around that: They can
buy or freely download malware code; then change just a few pieces of
it. Suddenly, the code is invisible to the antivirus programs, and free
to wreak havoc.
It's not unlike plagiarizing grade-school
homework, said Timo Hirvonen, a senior researcher at security-software
maker F-Secure. "It's as easy as removing a word or adding a letter to a
Microsoft Word document," he said. As a result, malware is changing so
often that it's getting harder to stop.
The security industry
has attempted to find an answer. One of the newest techniques is to keep
track of how malware behaves and what it tries to do. Imagine malware
that attempts to copy your online-banking password: any file doing this
would be tracked by these new security tools.
Data from AV-Test shows malware attack rates spiking.
AV-Test.org
Even then, however, security researchers say they're barely keeping their heads above water.
"At the pace we're going, that's just not feasible [to defend against]
anymore," said Jérôme Segura, senior security researcher at
Malwarebytes.
The escalating game of cat and mouse has even
entered the world of cryptography. Hackers are jumbling the code of
their malware to avoid getting caught, using the same techniques
companies use to protect sensitive files.
Avoiding "shady websites," as Nielsen put it, isn't enough in an age when malware can be delivered by ads on legitimate sites like Yahoo News.
So should we just swear off computers forever?
Jaljaa, the computer-repair-shop owner, said there are simple things
people can still do to keep themselves safe. Users still need to install
antivirus and other security tools, as they've been doing for years, he
said. But they should also make sure to keep all their software up to
date.
And if you do get a malware infection you can't get rid
of? Well, there are always people like Jaljaa to bail you out. But it'll
cost about $130.
No comments:
Post a Comment