Forget the firewall. About 25 percent of malware today is designed
to spread via USB storage devices that connect directly to PCs. The
number comes from Panda Security, which recently surveyed 10,470
small and midsize companies -- those having up to 1,000 computers
-- in 20 countries. Roughly half said that their organization had
been infected by malware at least once in the previous year, and in
the United States, 27 percent said the origin was a USB device.
"Much of the malware in circulation has been designed to distribute
through these devices," said Luis Corrons, technical director of
PandaLabs. "Not only does it copy itself to these gadgets, but it
also runs automatically when a USB device is connected to a
computer, infecting the system practically transparently to the
user. This has been the case with many infections we have seen this
year, such as the distribution of the Mariposa and Vodafone
botnets."
Comparatively speaking, Panda found that 21 percent of malware
originated via email and 14 percent from downloads or peer-to-peer
networks. Infection-wise, the report also found that in the United
States, the number of organizations reporting a malware infection
over the past year increased slightly from 2009 to 2010, from 44
percent to 46 percent. In Europe in the same timeframe, however,
infections declined from 58 percent to 49 percent.
Viruses are still the most seen type of malware, accounting for an
average of 45 percent of the malicious code that makes its way
inside the network. Spyware, meanwhile, accounts for 23 percent.
According to the report, however, 13 percent of small and midsize
businesses don't have any security systems in place, with 57
percent of them saying their organization didn't regard security as
a priority. For companies with security in place, they
overwhelmingly (97 percent) do use antivirus software, with about
one-third using free antivirus software aimed at home users.
Personal firewalls are also quite popular, while anti-spam
technology is not.