According to Ironport, a cybersecurity company based in the United States, Windows computer users are left unprotected against new malware attacks for a total of 56 days each year.
Ironport reports that, on average, antivirus companies take nearly a day to produce an “antidote” from the moment a new virus is detected. Sometimes, updates can occur very quickly, but generally, users’ computer systems remain vulnerable for many hours.
For instance, the update to combat the Sober worm took 16 hours and 14 minutes after the new variant emerged. In contrast, the Bagle worm “teased” security firms for 79 hours and 25 minutes, while it took an average of 496 hours and 16 minutes to effectively combat Mytob.
Many groups developing malicious software increase pressure on antivirus companies by continuously releasing multiple versions that differ only slightly. The more variants there are within the same virus family, the longer it takes to recognize and adjust to them. To date, the Mytob family has launched over 100 versions.
Ironport’s email traffic monitoring system collects information from over 100,000 organizations worldwide. Matt Peachey, Ironport’s Director for Northern Europe, stated that monitoring this traffic allows them to detect virus outbreaks as soon as they begin since messages containing viruses typically have similar email sizes. According to Peachey, a surge in emails with attachments around 60-100 KB indicates that a new worm is being disseminated.
