Happy New Year

Happy new year to you all. If the predictions are right then we’ll be having a busy one. Just to get us into the right frame of mind for what’s ahead, there’s a good – and short – white paper entitled “The Online Shadow Economy” from Maksym Schipka of MessageLabs that’s well worth a read.

The paper doesn’t document anything new but it serves as a fitting reminder of the blackmarket built up around the exchange of malware between hackers. Some claim to be earning in excess of $10k a day but it’s not so much the amount of money as the sophistication of the industry that’s of the most concern.

Research “suggests that malware authors can produce new, unique malware every 45 seconds in order to keep it undetected” and code is sold along with guarantees that “that a given virus or trojan will not be detected using current antivirus programs. If vendors update their software, then the malware author will supply a new version.”

A few months ago I quoted John Pescatore from Gartner who predicted that “by the end of 2007, 75 percent of enterprises will be infected with undetected, financially motivated, targeted malware that evaded their traditional perimeter and host defenses.” Given the state of the black market, and the increased reports of foreign agencies taking an interest in getting back-door access to corporate data (for instance, see here) then I don’t see any reason to doubt that this prediction is too far from reality.

Happy new year indeed!