India, now a source, not just a target of cyber crime: Symantec

22nd April 2010
India,  now a source, not just a target of cyber crime: Symantec

Findings in Internet  Security Threat  Report for 2009.

2011 versions of Norton products in beta downloads.

New tool for Facebook users.

Symantec Corp. has released its latest Internet Security Threat Report  to highlight key trends in cybercrime from Jan.1, to Dec. 31, 2009 – and it is a wake up call for India in more than one sense: With increasing broadband penetration, comes increased cyber criminality: The country now ranks #1 in Asia Pacific and Japan and # 2 globally for malicious code, says Vishal Dhupar, Managing Director Symantec India.

Only the United States had more malicious code than India. 19 percent of attacks targeting India, originated in India itself in 2009, indicating that this is now a country of origin – and not just a target for attacks. One per cent of world wide phishing hosts and seven per cent of the regional phishing  were in based in India. Mumbai accounts for 37 % of all BOT attacks in India, followed by Delhi 13 %.
Clearly with maturing communication, comes heightened cyber security threats.

The cyber mafia is increasingly mashing up new and old criminal techniques. To make things easier for the baddies, you can now readily access kits like Zeus, which allow unskilled attackers to enter the “market”.

Other trends highlighted by the report:
Cybercriminals have turned their attention toward enterprises, given the potential for monetary gain from compromised corporate intellectual property (IP). The report found that attackers are leveraging the abundance of personal information openly available on social networking sites to synthesize socially engineered attacks on key individuals within targeted companies.
Web-based attacks grow unabated. Today’s attackers leverage social engineering techniques to lure unsuspecting users to malicious Web sites. These Web sites then attack the victim’s Web browser and vulnerable plug-ins normally used to view video or document files. In 2009, India ranked second for origin for Web-based attacks in APJ, with 16 percent of the APJ total. This is a significant increase from the previous reporting period, when India accounted for less than one per cent of Web-based attacks in the region. Globally in 2009, India ranked seventh with three percent of the worldwide total.
Credit card information remains the most frequently advertised data by cybercriminals. Stolen credit card information can be quickly and easily used to purchase goods online where relatively minimal card information is required to authorize transactions. In addition to physical goods purchased online for subsequent delivery, criminals can purchase digital goods such as domain registrations, music, software, and gift certificates for online stores, which they receive immediately.
Malicious Activity takes root in emerging countries. According to the Internet and Mobile Association of India, internet usage in the country has risen by 20 per cent in the last year alone with people progressively spending more time online. Additionally, Indians are increasingly accessing and editing sensitive information from their workstations/PCs, from home and in transit through their laptops, net books or smart phones. India's surge in malicious activity in 2009 has moved the country from 11th for overall malicious activity in 2008 to fifth in this period. The report also indicated that countries with emerging broadband infrastructure may continue to account for larger percentages within specific categories.
Top malicious code propagation vectors. 71 percent of the malicious codes were propagated through file sharing/ executables, 35 percent through files transfer and CIFS (Common Internet File System) and 17 percent through remotely exploitable vulnerability. Other popular means included file transfer/ e-mail attachment, file transfer/ IMs, SQL, Backdoors etc.
Malicious code types. A continuing trend for Internet users in India is the threat landscape being heavily infested with worms and viruses. The percentage of worms in India at 51 percent is higher than the APJ regional average of 40 percent. 26 percent of the malicious codes in India were viruses versus the APJ average of 16 percent. Trojans (19 percent) and Backdoors (3 percent) were the other prominent mal - codes in the country.

Trends in spam and phishing. India is the third highest spam originating country in the world, contributing four percent to the worldwide spam volumes. In the APJ region however, India ranked first and contributed 21 percent to the regional total. Six percent of the world spam zombies and 28 percent of the APJ regional spam zombies resided in India. One percent of the world phishing hosts and 7 per cent of the regional phishing were in India.

The Internet Security Threat Report (ISTR) is derived from data collected by tens of millions of Internet sensors, first-hand research, and active monitoring of hacker communications, and it provides a global view of the state of Internet Security.

2011 Norton in free beta In a separate announcement, Symantec has unveiled the 2011 beta versions Norton AntiVirus and Norton Internet Security, which are now available for free download from the Norton beta website. http://safeweb.norton.com/  The company has also launched its first beta security application for Facebook and two standalone security tools to address the increasingly common menace posed by fake antivirus programs and other infections.

Norton Safe Web application for Facebook is a free beta application that protects computer users by scanning their Facebook news feeds for malicious URLs, allowing them to identify risky sites before clicking through. (http://safeweb.norton.com/   )

Some threats impersonate legitimate programs, modify browsers or boot screen graphics, and even redirect traffic. Due to their deceptive appearance, users will often times allow the installation of programs that may appear legitimate, but are actually harmful. Sometimes, these "scareware" programs can require special tactics to remove them. With Norton Power Eraser, these threats (and others) are specifically targeted, and effectively detected and removed. Learn about it and download it here: http://security.symantec.com/nbrt/overview.asp?lcid=1033&origin=default

April 22 2010