Monday, September 17, 2007

Criminals target trusted websites

Canada ranks second worldwide as top source of malicious Internet activity

Trusted websites have become the patient zero for some viral epidemics in the virtual world with sophisticated cyber-criminals using them to lure unsuspecting computer users into spreading their malicious code.

And Canada is a key global player in the dark side of the Internet, now ranking second worldwide after Israel as the top source of malicious Internet activity.

These are among the findings of Symantec's Internet Security Threat Report Trends for the first six months of this year, released today.

"The Web is becoming patient zero for infections and we are now faced with situations where even the guys you would normally trust have an issue," said Dean Turner, director of Symantec's global intelligence networks. "The Web has really become the focal point.

"Instead of the bad guys going to you, you are going to them."

The threat comes from the increasing number of trusted websites being hacked by the professional criminals who have sophisticated commercial tools that allow them to operate vast networks of infected computers.

Even government websites are not immune from the hackers.

"What we found was that governments are the targets and the victims of the same thing as enterprises are when it comes to hosting phishing sites," said Turner.

Phishing is a technique used by cyber-criminals to acquire sensitive personal data such as credit- card and banking information.

Turner said 23 per cent of all government websites hosting phishing sites were on government domains in Thailand. And the study found that four per cent of all malicious activity detected during the first six month of 2007 originated from Internet Protocol space registered with Fortune 100 companies.

"Fortune 100 companies control seven per cent of all IP space worldwide, so it is pretty significant when we see that activity coming from the Fortune 100 - that's a lot of IP space."

Turner said that figure is likely explained by criminals capitalizing on the unused IP space of the companies.

"The bad guys know," he said. "If they are looking for activity on this IP space and they are not seeing any, they know it is fertile ground."

Turner said Canadians spend the most time online of any computer users in the world, a trend he said could explain this country's high ranking in malicious Internet activity.

Among other findings of the report:

- Bot networks, networks of infected computers that are controlled by criminals, have a lifespan of 19 days in Canada, the longest lifespan of bot networks anywhere in the world.

- The U.S. was the target of the most denial of service (DOS) attacks, accounting for 61 per cent of all such attacks worldwide in the first half of this year.

- The U.S. also was the top country of origin for attack, accounting for 25 per cent of all global attacks.

- The education sector topped all sectors for data breaches that could lead to identity theft, accounting for 30 per cent of all such data breaches over the first six months of 2007.

- The theft or loss of computer or other data-storage medium made up 46 percent of all data breaches that could lead to identity theft in the first half of this year.

- Credit cards, at 22 per cent of all items, were the most common commodity listed in the underground economy and 85 per cent of the cards being sold were issued by banks in the U.S.