Home > Internet, malware, Security, Symantec > Symantec’s Internet threat security report on India has few surprises!

Symantec’s Internet threat security report on India has few surprises!

April 21, 2010

Actually, no surprise, really! India is definitely shooting up — in the wrong direction — as far as Internet threats are concerned! The India edition of Symantec’s Internet threat security report, presented by Vishal Dhupar, managing director, Symantec India, has several key findings that will make you sit up and think! Let’s start!!

Vishal Dhupar, managing director, Symantec India, presenting the Internet threat security report, India edition.

Vishal Dhupar, managing director, Symantec India, presenting the Internet threat security report, India edition.

Here are just two among the many data points. One, India, Brazil and Poland — all witnessed growth in malicious activity. In 2009, India accounted for 15 percent of all malicious activity in the APJ region, an increase from 10 percent in 2008. Also, 19 percent of the attacks targeting India, originated in India itself in 2009. So, India is rising — both as the country of origin and a target for attacks! Wonderful!

Another one: after the US, Brazil and India are prominent among the countries where Web-based attacks originate. Okay, India was also one of the highest ranked countries for Zeus infections in 2009!

So, the key findiings of the threat landscape are as follows: The underground economy remains unaffected by the global economy. Hence, users are still plagued by Web-based attacks. Targeted attacks focus on enterprises — no surprise! Next, attack kits make it easier for novices to indulge in information theft. Finally, malicious activity takes place in emerging countries (read India, among them). I will deal with all of these a bit later.

Dhupar elaborated on some best practices as well that we all — enterprises and end users need to follow. These include:
* Defense-in-depth strategies
* Proactive policy based approach to security
* Test security, and update definitions and patches.
* Educate management on security.
* Emergency response procedures with backup and restore.

As for the way ahead, cybercriminals will continue to innovate to fuel the underground economy. New age Internet technologies and usage will encourage novel propagation vectors. The global scale and origin of attacks requires international co-operation.

The threat landscape
Let’s start with the threat landscape first! Credit card information and bank accounts still top advertised items on the underground economy. Credit card dumps actually saw a marked increase in advertisements. Next, multi-tiered commercial model is exploiting the innocent and needy, and their PCs. The cyber mafia is also increasingly mashing up new and old criminal techniques.

There are targeted attacks focused on enterprises. We all know this, don’t we? These attacks are frequently carried out by advance persistent threats (APTs). These threats remain undetected to penetrate deeply into the network.

Next, there are attack kits, which allow the novice, unskilled attackers to enter the market with sophisticated tools. The increase in kit activity is notably marked by Zeus.

Key fact and figures on India
First, the bot mania continues! India had an average of 788 bots per day, and 62,623 distinct bot-infected computers in 2009. However, Symantec observed an average of 10,440 active bots per day in the APJ region — an 11 percent decline from 2008. The reason being — many command and control centers were seized. Dhupar advised that we need to protect all end points, including mobile phones/smartphones, etc.

Still on bots, Mumbai accounts for 50 percent of total bots in India, up from 37 percent in 2008, followed by Delhi at 13 percent (7 percent, 2008), Hyderabad at 7 percent (4 percent, 2008), and Bangalore 6 percent (same in 2008). Some other cities in this list include Cochin, Chennai, Pune, Bhubaneshwar, Ahmedabad and Kolkata.

Next, malicious code trend types. India ranked no. 1 in APJ and 2nd globally (after the US), for malicious code! Wow!! What are we doing? We are toppers in this area! There has been an increase in worms and propagation through remotely exploitable vulnerabilities, primarily due to Conficker. Also, trojans made up 56 percent of the volume of the top 50 malicious code samples reported in 2009, thankfully, a decrease from 68 percent in 2008.

Still on malicious code trends, India had the highest number of potential worm infections in the APJ during 2009, unchanged from 2008. This, in a country which takes pride in its IT strength is really strange! Aren’t the IT guys, especially, protecting themselves enough?

As for the propagation vectors among the malicious code trends, in 2009, Symantec identified over 240 million distinct new malicious programs — a 100 percent rise over 2008! In 2009, propagation through file sharing executables accounted for 72 percent of malicious codes that propagate — up from 66 percent in 2008. Also, there is a lack of information centric policy driven end point, data loss prevention and messaging security.

Coming to the phishing trends, brands are being phished by sectors. As per the APJ rank percentage 2009, the financial sector tops at 79 percent, followed by ISP at 8 percent, retail at 4 percent, and several others, such as insurance, Internet connectivity, telecom, consumer hardware, etc., at 2 percent each, respectively.

Of the phishing URLs identified in India during 2009, a whopping 91 percent targeted the financial sector. Oh, 1 percent of the world’s phishing hosts and 7 percent of the regional phishing were in India. India continues to lead in these areas too!! Why? Some more India facts on phishing, One, cyber criminals are increasingly localizing phishing attacks. Two, recent examples include phishing attacks on the Indian tax department.

Now to spams! Spam accounted for 88 percent of all email messages observed by Symantec during 2009. No surprises again — India was the third-highest spam originating country in the world and first in APJ!

Am sure you love forwarding emails to friends and colleagues. We all do it, don’t we? How many of us realize that this is spamming? Even if we do, that still doesn’t stop us from forwarding fun emails, and definitely, emails that have content dealing with religion, or even sex, jokes, latest buzz, scandals, cricket, IPL (Indian Premier League), politicians, and so on and so forth! See, how we all contribute ‘lovingly’ to this huge number!

Protect yourself!
Enterprises and end users, do try and protect yourselves better against Internet threats. Follow your company IT policies as strictly as possible! And, keep your Internet security program updated at all times — especially, the home users.

Am sure, you love checking emails on your smartphones, or even updating your Facebook, MySpace or Twitter accounts, since it is all so convenient. No harm in doing that, but just ensure your smartphone is not open to hackers. Do remember, you are also opening up another end point for possible security breach or attack!

I do tell some of my friends — do log out completely of the web sites you visit, especially, your personal email programs. Never save your username and password on the Internet — simply because it is easy to log into a website/an email program. Oh, the next time you forward a ‘fun’ email, do think of how much Internet bandwidth is being wasted in that activity, besides you spamming your friends!

Finally, hello my dear fellow Indians — what are we all doing? Why are we all so keen to be well known for “Internet notoriety”? Isn’t there something better for us to do?

  1. Sanjeev Kumar
    April 22, 2010 at 3:30 am

    Hi Pradeep,

    this is your old friend . good article . thanx for knowledge sharing. regards sanjeev

  2. April 24, 2010 at 10:08 pm

    Nice to see you here, Sanjeev! 🙂

  1. April 24, 2010 at 9:48 am
Comments are closed.
%d bloggers like this: