US networks pumped out the highest percentage of attacks during the second half of last year, with China running a distant second, according to a report released on Monday by security firm Symantec.
The US accounted for 31 percent of malicious activity originating from computer networks, while 10 percent came from China and 7 percent from Germany, Symantec said in its Internet Security Threat Report.
The company also found that 51 percent of all known servers used by attackers to buy or sell stolen personal information, such as credit card or bank account numbers, are located in the US.
US-based credit cards, with accompanying verification numbers, were found to be selling for $1 to $6 (50 pence to £3) each on these servers. But a more thorough roundup of personal-identification data — including a person's birthdate and banking, credit card and government-issued identification numbers — fetched $14 to $18, the report noted.
Internet thieves increasingly are turning to Trojan-horse software, which can load keylogging software onto unsuspecting victims' computers. The software is able to harvest people's log-in names and passwords to various accounts and can glean other sensitive information people type into their computers.
Trojans accounted for 45 percent of the top 50 malicious code samples collected by Symantec during the second half of last year, up from 23 percent in the previous six months. Symantec noted that that significant jump further reflects a movement away from mass-mailing worms — programs that spread software viruses and clog networks.
Phishing, an attempt by attackers to trick people into revealing personal or financial information, largely occurs during the weekday, the report noted. Many phishing attacks begin with an email that appears to be from a legitimate source but in fact contains a malicious attachment or includes a link to a malicious website. During the second half of the year, a daily average of 961 phishing emails were sent to people on weekdays; 27 percent fewer phishing messages were sent out on weekends.
Talkback
The various online attacks - not to mention spam itself - are really annoying and a pain in the *sun-don't-shine-department*. I think countries should be penalised accordingly to try and discourage such acts from their location.
If I report problems to the US ISPs the majority take action. If I report to UK ISPs they tend to ignore it until threatened with legal action. China for the most part hides behind bad email addresses on APNIC so you can't report it in the first place.