Site iconSite icon IFSEC Insider | Security and Fire News and Resources

India is a soft target of Net threat, says Symantec

Symantec Corp. today announced that malicious code activity continued to grow at a record pace throughout 2008, primarily targeting confidential information of computer users. In addition, unless enterprises improve security protocols and measures to counter malicious activities, India will continue to be a soft target of Internet threats.

It is even more imperative that security issues should be not confined at IT engineers’ level but addressed at board levels.

According to the company’s Internet Security Threat Report Volume (ISTR) XIV, Symantec created more than 1.6 million new malicious code signatures in 2008. This equates to more than 60 per cent of the total malicious code signatures ever created by Symantec – a response to the rapidly increasing volume and proliferation of new malicious code threats. These signatures helped Symantec block an average of more than 245 million attempted malicious code attacks across the globe each month during 2008.

The Internet Security Threat Report is derived from data collected by millions of Internet sensors, firsthand research, and active monitoring of hacker communications, and provides a global view of the state of Internet security. The study period for the ISTR XIV covers January 2008 to December 2008.

The report noted that web surfing remained the primary source of new infections in 2008, and that attackers are relying more and more on customized malicious code toolkits to develop and distribute their threats.

Targeting India

In tune with the global trends, India too saw a substantial increase in its proportion of malicious activity in almost every category. India had the fifth highest number of broadband subscribers in the Asia-Pacific-Japan (APJ) region in 2008 and the third highest volume of malicious activity, with 10 per cent of the regional total. Computers from the United States and China were the leading source of Web-based attacks targeting India, accounting for 84 per cent and 5 per cent respectively.

“Due to a rapidly growing Internet infrastructure, a burgeoning broadband population and rampant software piracy, India is expected to witness increased malicious activities,” said Vishal Dhupar, managing director, Symantec India. “Unless enterprises improve security protocols and measures to counter malicious activities, India will continue to be a soft target of Internet threats.”

India on bot radar!

According to the report, India had an average of 836 bots per day during 2008 and there were 1,03,812 distinct bot-infected computers observed in the country during the period. This was a staggering increase of nearly 250 per cent from the previous Internet Security Threat Report.

Globally, in 2008, Symantec observed an average of more than 75, 000 active bot-infected computers each day, a 31 per cent increase from 2007. India also saw a huge surge in bot command & control servers from 40 in 2007 to 70 in 2008.

Bot command-and-control (C&C) servers are computers that botnet owners use to relay commands to bot- infected computers on their networks. The sharp increase in bot-infected computers in India points towards low adoption of security measure that includes anti -malware, intrusion prevention and intrusion detection.

Mumbai high on the list

Amongst the cities in India with the highest number of bot-infected computers, Mumbai figured at the top with 37 per cent followed by Chennai at 24 per cent and Delhi at 7 per cent. Cities like Bangalore, Hyderabad, Calcutta, Surat, Ahmadabad, Cochin and Pune too had a sizeable share of bot-infected computers.

Another alarming trend for Internet users in India is the threat landscape being heavily infested with worms and viruses. In the APJ region, India ranked first on worms and viruses attacks prevalence chart. Nine of the top 10 malcodes found in India consisted of worms (55 per cent) and viruses (15 per cent) that disabled security related processes, downloaded additional threats and stole confidential information.

Indian firms vulnerable

While the global averages for worms and virus attacks increased only marginally, India continued to rank high on these vectors of infection. A perfect case in point was the Downadup/Conficker worm, which left over thousands of computers in India infected during the initial stages of attack.

“Enterprises with a lack of ‘defense in depth’ strategies are more likely to see worms and viruses infiltrate their environments and easily access their information and infrastructure,” said Dhupar. “It is time Indian enterprises adopt ingress and egress filtering on perimeter devices to prevent unwanted activity.”

Nearly 65 per cent of worms and viruses in Indian enterprises are propagated through the File Sharing/Executables mechanism. This indicates that endpoint security and policy are still missing in many organizations, as this level of security protection would have allowed IT administrators to scan removable drives for threats. A large number of infections in India have also occurred due to filesharing programs, free downloads, and freeware and shareware versions of software.

India plagued by phishing too

Apart from the issue of worms and viruses, spam and phishing continued to plague India as well as the rest of the world. Over the past year, Symantec observed a 192 per cent increase in spam detected across the Internet as a whole, from 119.6 billion messages in 2007 to 349.6 billion in 2008. The report found that phishing continued to grow.

In 2008, Symantec detected 55,389 phishing Web site hosts, an increase of 66 per cent over 2007, when Symantec detected 33,428 phishing hosts.

Twelve per cent of spam detected in APJ in 2008 originated in India, making it the third-ranked country for this category. In 2007, India was the fifth-ranked APJ country, accounting for only 4 per cent of spam in the region. It had the second highest number of spam zombies, with 17 per cent of the regional total, and the fourth highest number of bots, with 5 per cent of the total. The high ranking of India in these categories is the main reason for the high volume of spam originating there.

Exit mobile version