KUALA LUMPUR – Computers in this city have more bot-infected PCs and servers than any other area in the Asia-Pacific/Japan region, says Symantec Malaysia.
Bots — robots — are covertly installed onto a computer to allow hackers to remotely control the machine for malicious purposes such as unlawful data collection, information and identity theft.
Symantec’s latest study, the ‘Internet Security Threat Report (ISTR)’ – covering the six-month period from July 1 to December 31, 2007 – also found that Malaysia is the country with the second highest number of malicious activities in Southeast Asia (SEA), behind Thailand.
According to Symantec Malaysia enterprise security consultant Kannan Velayutham, this is a stark contrast to the previous ISTR (January 1 – June 30, 2007), when Kuala Lumpur came seventh on the list of Asia Pacific/ Japan (APJ) cities with the highest number of bot-infected computers.
“Malaysia has become a prime target for cybercriminals to launch malicious attacks in south-east Asia (SEA),” Velayutham said. “While there has been an overall decrease in bot-related activities across the APJ region from the previous ISTR, January to June 2007, Malaysia registered the highest rate of bot-infected computers in SEA. Bot-infected computers are a real concern for online users because their personal information can be easily leaked, and compromised computers can be used as a launch base for other attacks.”
He said the rapid growth of broadband penetration in Malaysia might be a possible contributing factor to the rise in malicious activities because new broadband users may not be aware of the additional security precautions required when accessing an always-on high-speed Internet.
“This is an area to watch-out for as broadband penetration is expected to continue its upward trend in Malaysia,” said Velayutham.
On the global front, the study highlighted that the Web has been identified as the primary conduit of attack activity, as opposed to network attacks, and that online users can increasingly be infected simply by visiting everyday Web sites.
In 2007, Symantec detected 711,912 new threats compared to 125,243 in 2006 — an increase of 468 percent; this brings the total number of malicious code threats detected by Symantec to 1,122,311 as of the end of 2007.
Symantec measured the release of both legitimate and malicious software during a portion of the reporting period and found that 65 percent of the 54,609 unique applications released to the public were categorized as malicious. This is the first time Symantec observed malicious software outpacing legitimate applications, said Velayutham.
Symantec Malaysia pre-sales technical consultant manager Ong Kah Wooi said that avoiding the dark alleys of the Internet was sufficient advice in years past. However, “today’s criminal is focused on compromising legitimate Web sites to launch attacks on end-users, which underscores the importance of maintaining a strong security posture no matter where you go and what you do on the Internet.”
Finally, the report confirmed that attackers are leveraging a maturing underground economy to buy, sell and trade stolen information. This economy is now characterized by a number of traits common in traditional economies. For example, market forces of supply and demand have a direct impact on pricing. Credit card information, which has become plentiful in this environment, accounted for 13 per cent of all advertised goods–down from 22 percent in the previous period and sold for as low as 40 cents U.S.
Symantec’s study is based on data collected by millions of Internet sensors, first-hand research and active monitoring of hacker communications and provides a global view of the state of Internet security.