US Is Still the Biggest Source of Surging Malware Attacks

webroot-internet-security-paint-drying-small-38488.jpg

Contrary to popular perception, a majority of the cyber attacks on US companies originate from inside the country rather than from the outside.
For all the attention placed on state-sponsored actors and cybercrime gangs in Russia, China and East Europe, nearly a third of the IP addresses associated with malicious activity and 48 percent of malicious URLs are US-based a report from security vendor Webroot shows. Over 75 percent of all phishing sites are hosted on servers inside the country, the report noted.
The Webroot report is based on an analysis of information gathered by the company’s BrightCloud threat intelligence service. It showed that malware and the infrastructure for hosting and distributing it, is growing fast.
On average, there are a staggering 12 million malicious IP addresses operating on the Internet on any give day with 85,000 new addresses being launched daily. While the IP addresses come from all over the world, over 30 percent of them are from the US followed by China with 23 percent and Russia with 10 percent.
 When Webroot looked at where malicious URLs are located, Russia and China were barely on the list while the US topped with France in a distance second place.
 “The United States is the number one source of attacks, number one in terms of attack victims and number one in terms of attackers,” said Mike Malloy, executive vice president of products and strategy at Webroot.
 One reason why so many malicious URLs are located in the US could simply be that malicious attackers know that URLs in high-risk countries are automatically blocked by geo-filtering services, he said.
The top five companies impersonated by phishing sites in 2014 were Google, Facebook, Yahoo, Apple and Dropbox. The reason why phishers have gravitated towards such sites is pretty simple, Malloy says.
“The credentials to these sites are often the master password to a bunch of other applications,” Malloy said. “There are a lot of applications that ask whether you want to log in with your Facebook ID or you Google ID,” he said. By gaining access to the usernames and passwords to these sites, phishers often can unlock numerous other accounts as well, he said.
Somewhat less surprisingly, Webroot research also showed that Internet users are under growing siege from a variety of malware threats. In Dec 2014, the company noted an over 50 percent increase in phishing activity most likely as a result of the holiday season. The company determined that the average Internet user has a 30 percent chance that he or she will fall victim to a phishing attack involving a zero-day threat for which no remediation is available.
Meanwhile, the number of trustworthy mobile applications fell from 52 percent of all applications in 2013 to 28 percent in 2014. About 50 percent were moderately trustworthy, or suspicious, while the remainder were outright malicious or unwanted. The data shows that threats are extremely dynamic in nature and that IP address blacklists need to be updated constantly to keep up with new attacks and attackers, Webroot said.
Dark Reading: http://ubm.io/1DOZciM

« How To Hack a Military Drone
Banking on A Spy: GCHQ Chief to Fight Bank Cybercrime »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Netsparker

Netsparker

Netsparker provide a web application security scanner to automatically find security flaws in your websites, web applications and web services.

Swiss Re

Swiss Re

Swiss Re Group is a leading wholesale provider of reinsurance, insurance and other insurance-based forms of risk transfer including cyber risk.

KLC Consulting

KLC Consulting

KLC Consulting offers information assurance / Security, IT Audit, and Information Technology products and services to government and Fortune 1000 companies.

Online Business Systems

Online Business Systems

Online Business Systems is an information technology and business consultancy. We design improved business processes enabled with robust and secure information systems.

Cyber Security Raad (CSR) - Netherlands

Cyber Security Raad (CSR) - Netherlands

The Cyber Security Council (CSR) is a national, independent advisory body of the Dutch government undertaking efforts at strategic level to bolster cyber security in the Netherlands.

Digiserve

Digiserve

Digiserve by Telkom Indonesia is an end-to-end managed solutions provider committed to empowering enterprises in Indonesia.

UPX Technologies

UPX Technologies

UPX Technologies is one of the largest digital security centers in Brazil providing full protection for data, networks and content.

DeuZert

DeuZert

DeuZert is an accredited German certification body in accordance with ISO/IEC 27001 (Information Security Management).

BIO-key

BIO-key

BIO-key is a pioneer and innovator, we are recognized as a leading developer of fingerprint biometric authentication and security solutions.

DeNexus

DeNexus

DeNexus is the leading provider of cyber risk modeling for industrial networks. Our Mission is to build the Global Standard for Industrial Cyber Risk Quantification.

SensCy

SensCy

SensCy is a Trusted Guide for Sensible Cybersecurity for small and medium-sized organizations.

ORS Consulting

ORS Consulting

ORS Consulting is a specialist provider of risk management advisory services supporting asset-intensive industries such as chemicals, energy, power and utilities, defence and maritime.

CyberHub

CyberHub

CyberHub is an educational platform that offers professional courses and knowledge sharing through articles and videos to help students discover their potential in cybersecurity.

Leostream

Leostream

Leostream's Remote Desktop Access Platform enables seamless work-from-anywhere flexibility while maintaining security and constant visibility of users.

CipherStash

CipherStash

CipherStash is a complete data governance and breach prevention platform.

Arculus Cyber Security

Arculus Cyber Security

Arculus Cyber Security enables customers to securely realise the benefits of digital transformation through pragmatic solutions, guidance and services.