U.S. and China: major targets of computer attacks

08:46, March 03, 2010      

Email | Print | Subscribe | Comments | Forum 

The United States and China are two major countries with malicious computer activity, Vincent Weafer, Vice President of Symantec Security Response, the largest maker of personal computer security software in the world, told Xinhua in an interview.

He said cybercrime represents today's most prolific threat and cybercriminals are more determined than ever to steal confidential information. Attacks continue their shift away from noisy, large- scaled attacks to highly targeted silent attacks motivated by financial gain. They can be commercial entities breaking into competitors' records, or international crime rings stealing valuable data like credit card numbers and email passwords.

"Cyber attacks are increasingly sophisticated, better organized and specifically designed to silently steal data for profit or advantage. Fraud, intelligence gathering and gaining access to vulnerable systems are now the clear motivation behind today's attacks," he said.

"In 2009, 90 percent of threats observed by Symantec were targeting confidential information. We released the results of our 2010 Enterprise security study this week, which surveyed 2,100 enterprise CIOs, CISOs and IT managers around the world and our study shows that 75 percent of enterprises experienced cyber attacks," said Weafer.

"In the December 2009 Symantec Quarterly Intelligence Report we identified that the United States was the top country for malicious activity during this period, accounting for 18 percent of the global total and China was ranked third with 7 percent of the global total," said Weafer.

Malicious activity usually affects computers that are connected to high-speed broadband Internet because these connections are attractive targets for attackers. The top countries in this metric, including the United States and China, have extensively developed and growing broadband infrastructures. China passed the United States for the largest number of broadband subscribers for the first time in 2008, represented 21 percent of the worldwide broadband subscriber total, said Weafer.

"The key trends we observed in 2009, included the increasing problem of Rogue AV or misleading security applications. Symantec has identified 250 distinct misleading applications that pretend to be legitimate security software-quite convincingly so in many instances-but which actually provide little or no protection and can in reality infect a computer with the very malware it purports to protect against. From July 1, 2008, to June 30, 2009, Symantec received reports of 43 million rogue security software installation attempts," Weafer said.

According to Weafer, Botnets continued to rule the cyber security landscape in 2009 with the 10 major heavyweight spam- sending botnets, including Cutwail, Rustock and Mega-D, now controlling at least 5 million compromised computers.

He said Cutwail was a dominating force across both spam and malware in 2009, responsible for issuing 29 percent of all spam or 8,500 billion spam messages between April and November 2009. Symantec has observed that the majority of today's malware contains a bot command and control channel. Other key trends include the rise of attacks against both social networking sites and users of those sites became standard practice for criminals.

In 2009, 498 data breaches were reported, exposing more than 233 million records, according to the Identity Theft Resource Center. Well-meaning insiders represent the bulk of data loss incidents with 88 percent of all data loss incidents caused by insiders such as employees, according to The Ponemon Institute.

However other causes include attacks using targeted malware. One recent example is the Hydraq attack earlier this year that targeted specific companies for confidential information.

The threat leveraged a zero-day vulnerability in Internet Explorer and sophisticated social engineering tactics. It penetrated systems by infiltrating emails and IMs with malicious links and PDF attachments that contained malware. Once a system was compromised, it allowed the hacker to leverage the back door to steel information from the targeted organization, according to Weafer.

According to Weafer, there's also been a marked increase in " crimeware," or software used to conduct cybercrime. These tools fuel the black market including, botnets, keystroke loggers, spyware, backdoors, and Trojans. User-friendly toolkits such as Zeus tenable even novice hackers to create malware and botnets including the recently reported kneber bot-net.

In 2009, Symantec created more than 2.9 million new virus signatures and discovered more than 211 million distinct malware variants. To put this in prospective we've created more signatures in the past 15 months than in the past 18 years combined, said Weafer.

He said that last year the company launched its new reputation- based security, which was built to address the untold number of undetected threats created every day. This technology leverages the "wisdom" of tens of millions of Symantec users around the world to derive safety rating for every file on the Internet. It allows Symantec Security Response experts to compute the reputation of a program based on a number of different factors including the origin, the age of the program and its prevalence. In just six months we generated more than 177 billion reputation ratings, said Weafer.

Joris Evers, Director of Worldwide Public Relations at McAfee, another major player in computer security, told Xinhua that intellectual property has become a main target of cyberattacks, which means that information rich organizations and individuals will be a target.

"In our recent Virtual Criminology Report we highlighted that cyberwar has become a reality and five countries are at the forefront of arming themselves for cyberwar. These countries are the U.S., France, Israel, Russia and China," said Evers.

"In general we continue to see increased hacking activity around the world. For example, McAfee Labs had catalogued approx. 33.3 million pieces of malware at the end of 2009, compared to approx. 16.3 million at the end of 2008. That's 104 percent increase, or a doubling of malware in a year," said Evers.

He said attribution in cybercrime is very tough. Attackers can route their attacks through numerous computers and obfuscate their actual location, as a result it is always a challenge to pinpoint the source of a cyberattack.

"We do know that many computers in China are compromised due to lack of computer security and appropriate PC hygiene. In our Q4 Threat Report we noted that there are more 'zombie' computers in China than in any other nation with 12 percent of all zombie computers located in China. The U.S. is second with 9.5 percent. During the quarter we saw about 4 million new zombie PCs come online each month," said Evers.

Source: Xinhua
  • Do you have anything to say?


Special Coverage
Major headlines
Editor's Pick
  • Death toll rises in Chile earthquake, curfew extended
  • Purim Festival Parade in Holon
  • Southern Tibet sees snowfall in early spring
  • CPPCC members promote environmental protection concepts
  • Final sprint of Shanghai Expo Cultural Center
  • Top 6 scandals at Vancouver Olympics
Most Popular
Hot Forum Dicussion