|
Symantec Corp. released its new Internet Security Threat Report volume XV, which highlights key trends in cybercrime from Jan.1, 2009 to Dec. 31, 2009. Criminals from the Internet’s underground economy aren’t just content to steal hard-earned money from ordinary users, they are increasingly focusing their efforts on high-end crime. Symantec’s Internet Security Threat Report reveals continued growth in both the volume and sophistication of cybercrime attacks.
“Attackers have evolved from simple scams to highly sophisticated and focused campaigns,” said Vishal Dhupar, managing director, Symantec, India. “The scale of these attacks and the fact that they originate from across the world, makes this a truly international problem requiring global cooperation.”
Notable trends highlighted in this year’s report include:
• Cybercriminals have turned their attention toward enterprises, given the potential for monetary gain from compromised corporate intellectual property (IP). The report found that attackers are leveraging the abundance of personal information openly available on social networking sites to synthesize socially engineered attacks on key individuals within targeted companies.
• Web-based attacks continued to grow unabated. Today’s attackers leverage social engineering techniques to lure unsuspecting users to malicious Web sites. These Web sites then attack the victim’s Web browser and vulnerable plug-ins normally used to view video or document files. In 2009, India ranked second for origin for Web-based attacks in APJ, with 16 percent of the APJ total. This is a significant increase from the previous reporting period, when India accounted for less than one per cent of Web-based attacks in the region. Globally in 2009, India ranked seventh with three percent of the worldwide total.
• Credit card information remains the most frequently advertised data by cybercriminals. Stolen credit card information can be quickly and easily used to purchase goods online where relatively minimal card information is required to authorize transactions. In addition to physical goods purchased online for subsequent delivery, criminals can purchase digital goods such as domain registrations, music, software, and gift certificates for online stores, which they receive immediately.
• Malicious Activity takes root in emerging countries. According to the Internet and Mobile Association of India, internet usage in the country has risen by 20 per cent in the last year alone with people progressively spending more time online. Additionally, Indians are increasingly accessing and editing sensitive information from their workstations/PCs, from home and in transit through their laptops, net books or smart phones. India's surge in malicious activity in 2009 has moved the country from 11th for overall malicious activity in 2008 to fifth in this period. The report also indicated that countries with emerging broadband infrastructure may continue to account for larger percentages within specific categories.
ISTR India Highlights:
• India saw an average of 788 bots per day during 2009. There were 62,623 distinct bot-infected computers observed in the country during the period. Amongst the cities in India with the highest number of bot-infected computers, Mumbai figured at the top with 50 percent followed by Delhi at 13 percent and Hyderabad at 7 percent. Cities like Bangalore (6 percent), Cochin (5 percent), Chennai (4 percent), Ahmadabad (2 percent) and Pune (3 percent) too had a sizeable share of bot-infected computers
• Top malicious code propagation vectors. 71 percent of the malicious codes were propagated through file sharing/ executables, 35 percent through files transfer and CIFS (Common Internet File System) and 17 percent through remotely exploitable vulnerability. Other popular means included file transfer/ e-mail attachment, file transfer/ IMs, SQL, Backdoors etc.
• Malicious code types. A continuing trend for Internet users in India is the threat landscape being heavily infested with worms and viruses. The percentage of worms in India at 51 percent is higher than the APJ regional average of 40 percent. 26 percent of the malicious codes in India were viruses versus the APJ average of 16 percent. Trojans (19 percent) and Backdoors (3 percent) were the other prominent mal - codes in the country.
• Trends in spam and phishing. India is the third highest spam originating country in the world, contributing four percent to the worldwide spam volumes. In the APJ region however, India ranked first and contributed 21 percent to the regional total. Six percent of the world spam zombies and 28 percent of the APJ regional spam zombies resided in India. One percent of the world phishing hosts and 7 per cent of the regional phishing were in India.
ISTR Global Highlights:
• Malicious code is more rampant than ever. In 2009, Symantec identified more than 240 million distinct new malicious programs, a 100 percent increase over 2008.
• Top threats. The Sality.AE virus, the Brisv Trojan and the SillyFDC worm were the threats most frequently blocked by Symantec security software in 2009.
• Downadup (Conficker) still very prevalent. It was estimated that Downadup was on more than 6.5 million PCs worldwide at the end of 2009. Thus far, machines still infected with Downadup/Conficker have not been utilized for any significant criminal activity, but the threat remains a viable one.
• Another turbulent year for spam. In 2009, spam made up 88 percent of all e-mail observed by Symantec, with a high of 90.4 percent in May and a low of 73.7 percent in February. Of the 107 billion spam messages distributed globally per day on average, 85 percent were from botnets. The 10 major bot networks, including Cutwail, Rustock and Mega-D now control at least 5 million compromised computers. Throughout 2009, Symantec saw botnet infected computers being advertised in the underground economy for as little as 3 cents per computer.
Source: Business Wire India
Related items:
Older items:
|
News 
Subscribe to this comment's feed
