Oxford, United Kingdom – (The Hosting News) – December 12, 2008 – Web application security firm, Sophos, has released a new security report, examining the threat landscape over the last twelve months, including predictions about emerging cybercrime trends for 2009.
The Sophos Security Threat Report 2009 reveals that more malware is hosted on U.S. websites and more spam is relayed from American computers, than any other country. As evidence of this, when an American Internet company, accused of collaborating with spammers and hackers, was disconnected from the Net in November, there was a staggering 75 percent drop in spam.
Graham Cluley, Senior Technology Consultant for Sophos remarked, ”Not only is the United States relaying the most spam because too many of its computers have been compromised and are under the control of hackers, but it’s also carrying the most malicious webpages. We would like to see the States making less of an impact on the charts in the coming year. American computers, whether knowingly or not, are making a disturbingly large contribution to the problems of viruses and spam affecting all of us today.”
Sophos’s research reveals that in 2008 organized criminal gangs tripled their attacks against innocent websites, injecting malicious code to infect visiting home users and businesses. In addition, 2008 has seen concerted campaigns by hackers to pose as legitimate anti-virus vendors, creating new professional-looking websites and applications every day with the intention of scaring users into believing that their computers have been compromised. On average, Sophos identifies five new scareware websites every day, with the figure peaking at over 20 per day on occasion.
The detailed report, which documents the major Internet attacks of 2008, also reveals a startling rise in hackers spamming out malicious attachments, designed to compromise PCs in order to steal identities, money and resources. By the end of 2008, Sophos was tracking five times more malicious attacks arriving through files attached to emails than at the start of the year.
Furthermore, spammers and malware authors have shown a deadly interest in websites like Facebook – breaking into innocent users’ accounts to take advantage of trusted social networks, and send spam and malware.
Mr. Cluley noted, ”The last year proved beyond doubt that Internet hacking gangs are organized like never before, often working across borders to steal money and data from unsuspecting users. The volume of attacks has increased, with hackers using automated systems to break into vulnerable websites or generate new variants of their malware. People need to wake up to the reality that the completely legitimate website they are visiting could be harboring a dangerous malware infection planted by hackers. As we enter 2009 we are not expecting to see these assaults diminish. As economies begin to enter recession it will be more important than ever for individuals and businesses to ensure that they are on guard against Internet attack.”
Internet attacks are overwhelmingly orchestrated via networks of innocent home computers that have – unknown to their owners – been commandeered by hackers. Sophos urges home users and businesses to properly defend their PCs with up-to-date anti-virus software, security patches and firewalls.
Statistics at a glance include:
- Biggest malware threats – SQL injection attacks against websites and the rising tide of scareware.
- New web infections – one new infected webpage discovered by Sophos every four and a half seconds (Three times faster than in 2007).
- Malicious email attachments – five times more at end of 2008 than at the beginning.
- United States hosts the most malware on the web (37 percent), usurping China’s position in 2007.
- U.S. computers relay the most spam (17.5 percent).
- Increasing allegations of state-sponsored cybercrime, as China, North Korea, Russia and Georgia are among those accused of espionage and assaults via the Internet.
In 2007, China was responsible for hosting over 50 percent of all web-based malware. However, in 2008 this position was stolen by the United States.
The top ten list of malware-hosting countries in 2008 reads as follows:
1. United States 37.0%
2. China (incl. HK) 27.7%
3. Russia 9.1%
4. Germany 2.3%
5. S Korea 2.1%
6. Ukraine 1.8%
7. United Kingdom 1.7%
8. Turkey 1.5%
9. Czech Republic 1.3%
10. Thailand 1.2%
For more information, including statistics on email threats, detection techniques and spam-relaying countries, please download the Sophos Security Threat Report 2009 from: www.sophos.com/securityreport2009.
Sophos provides solutions that enable enterprises all over the world to secure and control their IT infrastructure. Sophosâ€™s network access control and endpoint solutions simplify security to provide an integrated defense against malware, spyware, intrusions, unwanted applications and policy abuse. Sophos complements these solutions with innovative email and web security products that filter traffic for security threats, spam and policy infringements.
With over 20 years of experience, Sophos’s reliably engineered security solutions and services protect more than 100 million users in over 140 countries. Recognized for its high level of customer satisfaction and powerful yet easy-to-use solutions, Sophos has received many industry awards, as well as positive reviews and certifications. Sophos is headquartered in Oxford, UK and Boston, U.S.
To learn more about the report, please visit: www.sophos.com/secrep2009.
To learn more, please visit: www.sophos.com.