Hackers use data theft and targeted attacks for financial gain
By Daniel Tan, channelnewsasia.com | Posted: 23 March 2007 1418 hrs
Are Apples really safer than PCs?
What is "pump and dump"?
SINGAPORE: Data theft, data leakage, and the creation of malicious code that targets specific organizations is on the rise, and while the United States remains the top country of attack origin, Asia is where all the action happens.
In Symantec's latest Internet Security Threat Report, China held the dubious honour of having the largest number of bot-infected computers and also the highest levels of malicious activity.
The report also ranked Singapore a regional second in malicious activity by country per Internet user, although, according to Symantec executives, this ranking was due to the small population of Internet users, which meant that each incident carried more proportional weight.
Additionally, since English is commonly spoken in Singapore, this increases SingaporeÂ’s exposure to mass-mailing worms and other English-based malicious code.
As a financial hub, Singapore becomes more susceptible to phishing attacks.
Phishing, a method used to trick consumers into giving up user information by fake e-mails from banks and other organizations, has been linked with Japan where the highest percentage of phishing websites in the Asia Pacific region reside.
Symantec said this could be because Japan is home to the second largest number of Web-hosting companies in Asia, and hosting a phishing site with a small Web-hosting company can be advantageous for a phisher, as these small hosts do not monitor their sites as closely.
This is especially with the rise of “pump and dump” scams which have allowed spammers to generate revenue almost immediately and with the rise from 15% to 30% of spam related to financial products or services.
Little surprise then that Symantec also said it has tracked for the first time, the trade of stolen confidential information and captured data being sold on “underground” servers.
According to the report, the underground economy where stolen identities and financial-account information are bought and sold have become more sophisticated, with anything from a personÂ’s US-based credit card with card verification being sold at $1-$6, to a verified PayPal account with balance ($50-$500 price tag), and even World of Warcraft accounts ($10 price tag).
Much of the data is stolen by infecting computers to allow hackers to gain access to passwords and other sensitive information through e-mails. More often than not, this happens with spam that has viruses or other malicious code.
In the Philippines, spam made up 88% of all email traffic, while 37% of all spam detected from the Asia-Pacific region originated in China. This is likely due to the high number of broadband users and the high percentage of bot-infected computers there.
The home user sector remains, by far, the most highly targeted sector in the Asia Pacific, making up 98% of all targeted attacks. Threats targeting online games and gamers are also emerging as a new focus of malicious activity, as gamers are known to turn off security features to improve gaming performance.
Symantec said hackers are more aggressively using flaws in Microsoft's Internet Explorer Web browser and Office applications to plant Trojan's in PCs because these applications allow them to bypass firewall and antivirus defences.
IE was the most targeted browser with 77% of all targeted attacks, and also had the highest number of documented vulnerabilities at 54. This was followed by Mozilla with 40, followed by Opera and Safari with four documented vulnerabilities.
In terms of exposure window - or the time it takes for the company to fix the vulnerability – Mozilla had the shortest window of exposure, just 2 days, followed by IE with 10 days. Apple had the longest window of exposure at 61 days.
“Regardless of the operating system, users need to make sure the system gets regular update patches for the new vulnerabilities that are coming around,” said Gavin Lowth, Director, Online Channels, Asia-Pacific and Japan, Symantec.
“Users should also have an internet security suite with technologies like anti-virus, firewalls, anti-phishing, etc that get continually updated.”
Being one of the world's largest security-software makers, Symantec has a comprehensive view into malicious code trends. Its semi-annual study draws on the work of its experts and on data from more than 40,000 network sensors in 180 countries, more than 120 million PCs that use its security software, some two million decoy email accounts and a popular forum it operates where security experts disclose security vulnerabilities.
