Webroot State of Spyware Report Finds 2005 Biggest Year Yet for Spyware

Rise in Corporate Data Breaches Combined With Increase in Sophistication

of Spyware Threats Result in Record Infection Rates for

the Most Damaging Types of Spyware

Feb 07, 2006, 00:00 ET from Webroot Software, Inc.

    BOULDER, Colo., Feb. 7 /PRNewswire/ -- An alarming rise in the number of
 corporate data breaches combined with a steady rise in the sophistication of
 spyware threats and distribution methods made 2005 the biggest year yet for
 spyware, according to latest State of Spyware report issued today by Webroot
 Software, the leading anti-spyware developer.
     Consumers, small businesses and enterprises across the globe all
 experienced a record number of infection rates for the worst types of spyware
 in 2005 according to the report which contains data and information on the
 spyware plague for all of 2005.  Most alarming was the rise in the most
 malicious types of spyware -- Trojan horses and system monitors.  For
 enterprises, between Q3 and Q4 2005, the number of Trojan horse infections
 increased 9 percent and from Q2 to Q4 2005, the number of system monitors like
 keystroke loggers increased 50 percent consecutively each quarter.
     "This past year was a boon for spyware criminals. Last month Webroot
 surveyed U.S. businesses and found that over half of respondents reported a
 spyware-disruption that resulted in lost revenue, a statistic mirrored by a
 recent FBI study which surmised that computer-related crimes such as spyware
 cost U.S. business $62 billion.  That is 10 percent more than all identity
 fraud and over 60 times the cost of telecommunications fraud," said David
 Moll, CEO of Webroot Software.  "This criminal enterprise we call spyware
 continues to advance in technology and sophistication.  As long as the money
 and opportunities exist, so will spyware."
     According to the report, 2005 was the worst year ever for data security
 losses.  In all, more than 130 different security breaches exposed over
 55 million Americans to a wide range of illegal activities, including the
 increased possibility of spyware infection and identity theft.  Highly
 publicized security vulnerabilities in the software from two of America's most
 recognizable companies -- SONY BMG and Microsoft -- highlighted the disastrous
 potential spyware exploits can have on both consumers and enterprises, and
 pushed many enterprises to evaluate their compliance with government
 regulations around protection of their information assets.  Sony BMG's
 decision to use rootkits in its digital rights management software set off not
 only a firestorm of criticism, but also a firestorm of hackers and spyware
 purveyors determined to use the rootkit to install the most malicious types of
 spyware.  Microsoft experienced a similar rash of criticism when the company
 revealed a major vulnerability, a WMF flaw that hackers could use to access
 and take control of a user's system.
     The report also examines the effect data breaches had on the level of
 technology used by spyware developers.  Throughout 2005 Webroot researchers
 observed a steady increase in the complexity and severity of spyware
 technology.  Keyloggers using kernel-level drivers became increasingly common
 as the year progressed and the usage of polymorphic code continues to
 increase, according to the Webroot Threat Research Team, the company's
 internal research arm.  While some security analysts attribute this continued
 rise in technology sophistication to spyware developers' desire to capitalize
 on the increased number of published vulnerabilities, Webroot also found
 evidence that spyware developers are advancing their technology efforts to
 evade detection and removal, and maintain their revenue streams.
     "Spyware criminals know that many users have some kind of Internet
 security application deployed on their PCs.  These criminals also know that
 many of these applications do not protect users against the most advanced
 technologies such as Trojan horses and keyloggers.  To capitalize on this
 security weakness, spyware criminals are increasingly relying on the most
 advanced technologies to infect users," added Moll.  "The only way users can
 be protected against these types of threats is to use an anti-spyware software
 that is recognized as a best-of-breed solution and includes frequent,
 automatic updates."
     The State of Spyware report is an in-depth review and analysis of the
 impact of spyware, adware and unwanted software on consumers and enterprises.
 The foundation for much of the analysis and trends reporting comes from
 Webroot's consumer and corporate SpyAudit tools and from online research
 culled by Phileas, Webroot's automated spyware research system.  The SpyAudit
 tools invite both consumers and enterprises to scan specific PCs and determine
 spyware infection levels.
     The complete State of Spyware Report is available at
     Webroot Software, Inc. is the creator and publisher of the award-winning
 Spy Sweeper line of anti-spyware products for consumers, small businesses and
 enterprises worldwide.  Based in Boulder, Colo., the company is privately held
 and backed by some of the industry's leading venture capital firms, including
 Technology Crossover Ventures, Accel Partners and Mayfield.  Webroot's
 software consistently receives top ratings and recommendations by respected
 third-party media and product reviews, and has been adopted by millions
 globally.  Spy Sweeper and other Webroot products can be found online at
 www.webroot.com and on the shelves of leading retailers throughout the United
 States, Europe and Japan.  Webroot products are also available as either
 branded solutions or on an OEM basis. To find out more about Webroot, visit
 www.webroot.com or call 1-800-772-9383.

SOURCE Webroot Software, Inc.