Web-based malicious attacks on rise in India: study

[dhilipkumar]

Web-based malicious attacks on rise in India: study

India remains a soft target for Internet threats, as evident from the steep rise in malicious attacks from web-based sources originating mostly from the US and China, a study by global security solutions provider Symantec has revealed.

'Computers in India are set to witness increased malicious activities due to rapid growth of Internet infrastructure, a burgeoning broadband population and rampant software piracy,' Symantec India managing director Vishal Dhupar told IANS.

According to the Symentac Internet Security Threat report, which is based on data pooled by Internet sensors, first-hand research and monitoring of hacking communications during January-December 2008, computers from the US and China were the leading source of web-based attacks targeting India.

Web surfing remained the primary source of new infections in 2008. Attackers rely on customised malicious code toolkits to develop and distribute their threats, targeting confidential information of computer users.

'Unless enterprises improve security protocols and measures to counter malicious activities, India will continue to be a soft target of Internet threats,' Dhupar said.

The report noted that India ranked among the top three countries in the Asia-Pacific-Japan (APJ) region that was subjected to malicious code activity by volume as the country had the fifth highest number of broadband subscribers (eight million) in the region.

Malicious code is a new breed of Internet threat that cannot be efficiently controlled by conventional anti-virus software. The code can enter network drives and spread. It can cause network and mail server overload by sending e-mail messages, stealing data and passwords, deleting document files, e-mail files or passwords and even re-formatting hard drives.

Internet users in India also faced a serious threat from worms and viruses attacks. In the APJ region, India ranked first with nine of the top 10 malicious codes found consisting 55 percent worms and 15 percent viruses. These infesting codes disabled security related processes and stole confidential information.

In the global context, the study found India ranked high on these vectors of infection, as evident from the damage the Downadup/Conficker worm caused to thousands of computers across the country during the initial stages of attack.

'Enterprises without protective strategies are likely to see worms and viruses infiltrate their environments and access their information and infrastructure. Indian enterprises have to adopt ingress and egress filtering on perimeter devices to prevent unwanted activity,' said Dhupar.

Around 65 percent of worms and viruses in Indian enterprises are propagated through the file sharing/executables mechanism.

'This indicates that endpoint security and policy are still missing in many organisations as this level of security protection would have allowed IT administrators to scan removable drives for threats. A large number of infections in India have also occurred due to file-sharing programmes, free downloads and freeware and shareware versions of software,' Dhupar noted.

Similarly, with an average of 836 bot attacks per day, the study found 103,812 computers were infected in the country during 2008.

Bot (short form for robot) is a malicious code (computer programme) that comes with an e-mail attachment sent to intended users by hackers for infecting and damaging their personal computers or servers in enterprises.

When a spam mail is opened, the user is enticed to click the attachment with tempting words for viewing the link. Unknowingly, the bot in the link attacks the computer when opened.

According to the report, India had an average of 836 bots per day during 2008 and there were 103,812 distinct bot-infected computers observed in the country during the period.

India also saw a huge surge in bot command and control servers to 70 in 2008 from 40 in 2007.

Bot command-and-control servers are computers that botnet owners use to relay commands to bot-infected computers on their networks.

The sharp increase in bot-infected computers in India pointed towards low adoption of security measure that includes anti-malware, intrusion prevention and intrusion detection.

Among cities with the highest number of bot-infected computers, Mumbai topped with 37 percent followed by Chennai at 24 percent and Delhi seven percent.

The report is compiled by the Symantec security technology and response organisation, which includes security response, a worldwide team of security engineers, threat analysts, and researchers.

With global response centres located the world over, the organisation monitors malicious code reports from 130 million systems across the Internet, receives data from 240,000 network sensors in 200 countries and tracks 32,000 vulnerabilities.


news.yahoo