Press release from Business Wire India
Source: Symantec Corp.
Wednesday, April 21, 2010 07:30 PM IST (02:00 PM GMT)
Editors: General: Consumer interest; Business: Advertising, PR & marketing, Business services, Information technology; Technology
Cybercriminals Innovate to Fuel the Underground Economy - Symantec's Internet Security Threat Report (ISTR) Volume XV
The Internet's Underground Economy has Developed by 'Mashing up' Old and New Criminal Techniques to Devastating Effect
Bangalore, Karnataka, India, Wednesday, April 21, 2010 -- (Business Wire India) -- Symantec Corp. (Nasdaq: SYMC) today released its new Internet Security Threat Report volume XV, which highlights key trends in cybercrime from Jan.1, 2009 to Dec. 31, 2009. Criminals from the Internet's underground economy aren't just content to steal hard-earned money from ordinary users, they are increasingly focusing their efforts on high-end crime. Symantec's Internet Security Threat Report reveals continued growth in both the volume and sophistication of cybercrime attacks.
"Attackers have evolved from simple scams to highly sophisticated and focused campaigns," said Vishal Dhupar, managing director, Symantec, India. "The scale of these attacks and the fact that they originate from across the world, makes this a truly international problem requiring global cooperation."
Notable trends highlighted in this year's report include:
. Cybercriminals have turned their attention toward enterprises, given the potential for monetary gain from compromised corporate intellectual property (IP). The report found that attackers are leveraging the abundance of personal information openly available on social networking sites to synthesize socially engineered attacks on key individuals within targeted companies.
. Web-based attacks continued to grow unabated. Today's attackers leverage social engineering techniques to lure unsuspecting users to malicious Web sites. These Web sites then attack the victim's Web browser and vulnerable plug-ins normally used to view video or document files. In 2009, India ranked second for origin for Web-based attacks in APJ, with 16 percent of the APJ total. This is a significant increase from the previous reporting period, when India accounted for less than one per cent of Web-based attacks in the region. Globally in 2009, India ranked seventh with three percent of the worldwide total.
. Credit card information remains the most frequently advertised data by cybercriminals. Stolen credit card information can be quickly and easily used to purchase goods online where relatively minimal card information is required to authorize transactions. In addition to physical goods purchased online for subsequent delivery, criminals can purchase digital goods such as domain registrations, music, software, and gift certificates for online stores, which they receive immediately.
. Malicious Activity takes root in emerging countries. According to the Internet and Mobile Association of India, internet usage in the country has risen by 20 per cent in the last year alone with people progressively spending more time online. Additionally, Indians are increasingly accessing and editing sensitive information from their workstations/PCs, from home and in transit through their laptops, net books or smart phones. India's surge in malicious activity in 2009 has moved the country from 11th for overall malicious activity in 2008 to fifth in this period. The report also indicated that countries with emerging broadband infrastructure may continue to account for larger percentages within specific categories.
ISTR India Highlights:
. India saw an average of 788 bots per day during 2009. There were 62,623 distinct bot-infected computers observed in the country during the period. Amongst the cities in India with the highest number of bot-infected computers, Mumbai figured at the top with 50 percent followed by Delhi at 13 percent and Hyderabad at 7 percent. Cities like Bangalore (6 percent), Cochin (5 percent), Chennai (4 percent), Ahmadabad (2 percent) and Pune (3 percent) too had a sizeable share of bot-infected computers
. Top malicious code propagation vectors. 71 percent of the malicious codes were propagated through file sharing/ executables, 35 percent through files transfer and CIFS (Common Internet File System) and 17 percent through remotely exploitable vulnerability. Other popular means included file transfer/ e-mail attachment, file transfer/ IMs, SQL, Backdoors etc.
. Malicious code types. A continuing trend for Internet users in India is the threat landscape being heavily infested with worms and viruses. The percentage of worms in India at 51 percent is higher than the APJ regional average of 40 percent. 26 percent of the malicious codes in India were viruses versus the APJ average of 16 percent. Trojans (19 percent) and Backdoors (3 percent) were the other prominent mal - codes in the country.
. Trends in spam and phishing. India is the third highest spam originating country in the world, contributing four percent to the worldwide spam volumes. In the APJ region however, India ranked first and contributed 21 percent to the regional total. Six percent of the world spam zombies and 28 percent of the APJ regional spam zombies resided in India. One percent of the world phishing hosts and 7 per cent of the regional phishing were in India.
ISTR Global Highlights:
. Malicious code is more rampant than ever. In 2009, Symantec identified more than 240 million distinct new malicious programs, a 100 percent increase over 2008.
. Top threats. The Sality.AE virus, the Brisv Trojan and the SillyFDC worm were the threats most frequently blocked by Symantec security software in 2009.
. Downadup (Conficker) still very prevalent. It was estimated that Downadup was on more than 6.5 million PCs worldwide at the end of 2009. Thus far, machines still infected with Downadup/Conficker have not been utilized for any significant criminal activity, but the threat remains a viable one.
. Another turbulent year for spam. In 2009, spam made up 88 percent of all e-mail observed by Symantec, with a high of 90.4 percent in May and a low of 73.7 percent in February. Of the 107 billion spam messages distributed globally per day on average, 85 percent were from botnets. The 10 major bot networks, including Cutwail, Rustock and Mega-D now control at least 5 million compromised computers. Throughout 2009, Symantec saw botnet infected computers being advertised in the underground economy for as little as 3 cents per computer.
Connect with Symantec
. Symantec Security Response on Twitter
. Symantec on Facebook
. Symantec Internet Security Threat Report XV Microsite
. Threat Landscape Overview on Slide Share
. Symantec Security Response Blog
. Industry Resources at Delicous.com
. 2010 State of Enterprise Security Report
. 2010 State of Enterprise Security on SlideShare
About the Symantec Internet Security Threat Report
The Internet Security Threat Report (ISTR) is derived from data collected by tens of millions of Internet sensors, first-hand research, and active monitoring of hacker communications, and it provides a global view of the state of Internet Security. The study period for the ISTR XV covers January 2009 to December 2009.
About Security Technology and Response
The Symantec Internet Security Threat Report is created by the Security Technology and Response (STAR) organization. STAR, which includes Security Response, is a worldwide team of security engineers, threat analysts, and researchers that provides the underlying functionality, content, and support for all Symantec corporate and consumer security products. With Response centers located throughout the world, STAR monitors malicious code reports from more than 133 million systems across the Internet, received data from 240,000 network sensors in more than 200 countries, and tracks more than 35,000 vulnerabilities affecting more than 80,000 technologies from more than 11,000 vendors. The team uses this vast intelligence to develop and deliver the world's most comprehensive security protection.
Symantec is a global leader in providing security, storage and systems management solutions to help consumers and organizations secure and manage their information-driven world. Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored. More information is available at www.symantec.com.
NOTE TO EDITORS: If you would like additional information on Symantec Corporation and its products, please visit the Symantec News Room at http://www.symantec.com/news. All prices noted are in U.S. dollars and are valid only in the United States.
Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.
Sanjana Shetty, 20:20 MEDIA, +919986843610, +91 (80) 30982816, email@example.com
CONSUMER, MARKETING, BUSINESS SERVICES, IT, TECHNOLOGY
If you wish to change your Business Wire India selection please click on this link http://www.businesswireindia.com/media/news.asp and use your personal username and password to login.
Submit your press release at http://www.businesswireindia.com