The Mac Security Blog

Malware

After the 10th Annual ‘Safer Internet’ Day, What’s Changed and What’s Stayed the Same?

Posted on by

Today is the 10th ever Safer Internet Day, an international day of awareness to help us all make the Internet a safer place to play and do business. A lot has happened in the last 10 years, both in terms of the Internet itself and specifically in terms of the safety of the Internet. Many users have only just started using the Internet in the last 10 years, so now is a good time to look back at a few notable events.

The CAN-SPAM Act of 2003 Tried to Curb Unwanted Emails to Minimal Effect

The CAN-SPAM Act has helped prosecute a number of major spammers, but it has had some issues as well. Initial definitions were so weak, they actually seemed to legalize spam, and clearly the quantity of spam out there has not decreased since the act was implemented. In fact, spam has become an even greater percentage of the total number of emails crossing the networks. For every spammer or spam-sending botnet that has been shut down, another one takes its place.

When the act debuted, the total spam percentage was 40% of all email, which quickly grew in 2004 to over 72%. At its highest the total overall percentage of unwanted emails hit a whopping 97% of total emails in 2010, but as prosecution and takedown of botnets has become more effective, that percentage has decreased to around 70% of all email throughout 2012.

The Malware Wars of 2004 Kept Researchers and System Administrators Up Nights

I won’t sugarcoat it – 2004 was a miserable, sleepless year to be a malware researcher thanks to the “Malware Wars.” As the financial motivation of malware gained steam, several competing malware gangs released worms that hit outbreak level, sometimes multiple times a day. That meant being called in at all hours of the day and night to respond in an adrenaline-filled emergency situation, and working long hours to help customers protect and clean up their networks.

10 years later, stealth is the order of the day. Outbreaks the size of those in 2004 now means the malware gang has drastically screwed up, and they will probably be shut down quickly. Instead of fighting a small handful of massively prevalent malware, we’re now fighting against a huge number of much more targeted malware. The total number of all known malware was well less than 200,000 in 2004, and now the total of malware discovered each day is around 200,000.

Software Vendors Stole Personal information for Targeted Advertisements…and They Still Do

There are a number of trends in privacy that would ring a bell today, such as customers, researchers, and government entities battling against companies that are trying to gather information from customers (with little to no transparency to their actions) in order to create targeted advertisements. While now this battle mostly takes place in websites and mobile apps, in 2004 this primarily took the form of “adware” that was bundled with free software. In some cases, the privacy violation was so shady and egregious that researchers termed the programs “spyware.”

In a way, the seeds of the current era of malware era were planted in 2004. Much remains the same, with hardly any improvement. The need for protection and awareness have not diminished, and a lot of the recommendations for safeguarding your computer and your privacy have not changed, though the stakes have certainly increased.

Behind the scenes, however, a lot has changed. More countries have enacted laws against spam, phishing, creating malware, perpetrating computer-related fraud, and privacy violations. This, in turn, has naturally led to an increase of successful prosecution of cybercriminals. More people are using some sort of security software. There is more cooperation amongst those fighting cybercrime, which helps with the process of identification and prosecution.

What can you do to improve things in your own little corner of the Internet? Here are three basic tips:

  1. Check the privacy settings of the social networking sites you use and the EULAs of the apps you install
  2. Report instances of cybercrime (including malware infections) to an antivirus vendor or government agencies
  3. Use layered security strategies, including antivirus software, a firewall, and data encryption

Though we’ve made some progress towards creating a safer Internet, we still have a long ways to go. Here’s hoping the next 10 years will continue to bring substantial improvements.

image credit: saferinternet.org