PandaLabs malware report – and the balance between law enforcement and user

Panda questions law enforcement's focus on copyright violators
Panda questions law enforcement's focus on copyright violators

PandaLabs’ Quarterly Report for Q1 2012 suggests that around 23% of computers in the UK are infected with malware – but that only Norway, Switzerland and Sweden have a lower infection rate. China is the most infected nation, where more than half of all computers are compromised.

The infections are likely to be trojans. PandaLabs said its "laboratory identified over six million unique malware samples," and that 80% of these are trojans. The second most prolific malware are worms, with viruses coming in third. The general trend is that criminals are increasingly using 'silent' trojans to steal identities and money, with the percentage of new worms and viruses continuing to decrease.

Ransomware is one type of trojan that has been particularly prolific this year. The most frequent are law-enforcement based. The trojan locks the computer and pops up a window claiming to be from the local law enforcement agency, which accuses the user of inappropriate behavior and demands payment of a fine before the computer will be returned.

The report also demonstrates the difficult balancing act faced by the anti-virus industry: between protecting its customers against all unwanted intrusion while simultaneously needing to support the efforts of law enforcement. After praising the efforts of the FBI in arresting members of LulzSec, the PandaLabs blog (not the operational site) was itself attacked and breached by Anonymous.

Yet PandaLabs does not appear to be entirely unsympathetic with Anonymous' own viewpoints. Talking about the FBI takedown of Megaupload, it says, "Well, as we all know, in the ‘real world’ cyber-criminals are siphoning millions of dollars into their pockets every year by attacking hundreds of thousands of computers. However, it seems that authorities consider copyright infringement to be far more serious. As always, this is a question of priorities, and it seems that in this case the highest priority of law enforcement agencies is not exactly to protect the individual."

And commenting on the reports of Japan’s Defense Ministry virus "capable of tracing and disabling computers being used in cyber-attacks against the country," it first explains why this is a bad idea, and then adds, users "can set their mind at ease, as we will detect every virus created, either by public or private writers."

What’s Hot on Infosecurity Magazine?