Badware is a defining challenge for individuals, businesses, and governments throughout the world. Cybercriminals have developed a mature badware economy in which individual computers and legitimate, reputable websites are turned into badware distribution vectors, often without the knowledge of their owners.
The badware economy is complex, multi-layered, and versatile: badware increasingly evades detection or classification, transcends national boundaries, and adapts to the security industry’s attempts to excise it.
“Security research statistics and media headlines frequently proclaim that badware is on the rise, but understanding badware’s prevalence requires a deeper examination of the interconnected systems it preys upon,” said Maxim Weinstein, StopBadware’s executive director.
StopBadware’s report “The State of Badware” examines the limitations of today’s approaches to understanding the badware problem and illustrates how unilateral approaches to security are insufficient to address the challenges faced by the Internet ecosystem.
The report is intended as a resource to assist policymakers, businesses, and individuals in understanding the current badware landscape and how it is evolving. The report points out blind spots in the way people think about badware measurement and identifies weaknesses in the landscape.
“At a micro level, badware targets flawed software and unsuspecting users,” said Weinstein, “but there are also broader issues of economic incentives and legal frameworks that allow cybercriminals to exploit the Internet ecosystem itself.”
StopBadware’s report identifies key areas for improvement and cites “an opportunity for policymakers and industry players” to create new and more centralized methods of measuring and responding to the badware threat.
The complete report is available here.