US Is Still the Biggest Source of Surging Malware Attacks

Uploaded on 2015-05-04 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

webroot-internet-security-paint-drying-small-38488.jpg

Contrary to popular perception, a majority of the cyber attacks on US companies originate from inside the country rather than from the outside.
For all the attention placed on state-sponsored actors and cybercrime gangs in Russia, China and East Europe, nearly a third of the IP addresses associated with malicious activity and 48 percent of malicious URLs are US-based a report from security vendor Webroot shows. Over 75 percent of all phishing sites are hosted on servers inside the country, the report noted.
The Webroot report is based on an analysis of information gathered by the company’s BrightCloud threat intelligence service. It showed that malware and the infrastructure for hosting and distributing it, is growing fast.
On average, there are a staggering 12 million malicious IP addresses operating on the Internet on any give day with 85,000 new addresses being launched daily. While the IP addresses come from all over the world, over 30 percent of them are from the US followed by China with 23 percent and Russia with 10 percent.
 When Webroot looked at where malicious URLs are located, Russia and China were barely on the list while the US topped with France in a distance second place.
 “The United States is the number one source of attacks, number one in terms of attack victims and number one in terms of attackers,” said Mike Malloy, executive vice president of products and strategy at Webroot.
 One reason why so many malicious URLs are located in the US could simply be that malicious attackers know that URLs in high-risk countries are automatically blocked by geo-filtering services, he said.
The top five companies impersonated by phishing sites in 2014 were Google, Facebook, Yahoo, Apple and Dropbox. The reason why phishers have gravitated towards such sites is pretty simple, Malloy says.
“The credentials to these sites are often the master password to a bunch of other applications,” Malloy said. “There are a lot of applications that ask whether you want to log in with your Facebook ID or you Google ID,” he said. By gaining access to the usernames and passwords to these sites, phishers often can unlock numerous other accounts as well, he said.
Somewhat less surprisingly, Webroot research also showed that Internet users are under growing siege from a variety of malware threats. In Dec 2014, the company noted an over 50 percent increase in phishing activity most likely as a result of the holiday season. The company determined that the average Internet user has a 30 percent chance that he or she will fall victim to a phishing attack involving a zero-day threat for which no remediation is available.
Meanwhile, the number of trustworthy mobile applications fell from 52 percent of all applications in 2013 to 28 percent in 2014. About 50 percent were moderately trustworthy, or suspicious, while the remainder were outright malicious or unwanted. The data shows that threats are extremely dynamic in nature and that IP address blacklists need to be updated constantly to keep up with new attacks and attackers, Webroot said.
Dark Reading: http://ubm.io/1DOZciM

« How To Hack a Military Drone
Banking on A Spy: GCHQ Chief to Fight Bank Cybercrime »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Wall Street Technology Association (WSTA)

Wall Street Technology Association (WSTA)

The Wall Street Technology Association (WSTA) provides financial industry technology professionals with forums to learn from and connect with each other.

Berkman Klein Center for Internet & Society

Berkman Klein Center for Internet & Society

The Berkman Klein Center for Internet & Society is a research center at Harvard University that focuses on the study of cyberspace.

RoboForm

RoboForm

RoboForm's industry-leading encryption technology securely stores your passwords, with one Master Password serving as your encryption key.

SecuTech Solutions

SecuTech Solutions

SecuTech is a global leader in providing strong authentication and software licensing management solutions.

R2S Technologies

R2S Technologies

R2S can help you implement a cyber security framework to ensure your business is more resilient towards the growing threat of cyber crime. We provide Web and Mobile Application Security Assessment..

Cloudsine

Cloudsine

Cloudsine (formerly Banff Cyber Technologies) is a cloud technology company specializing in cloud adoption, security and innovation.

ZecOps

ZecOps

ZecOps is a cybersecurity automation company offering solutions for servers, endpoints, mobile devices, and custom devices.

Nucleus Security

Nucleus Security

Nucleus is a leading Vulnerability Management platform for Large Enterprises, MSPs/MSSPs, and Application Security Teams that want more from their vulnerability management tools.

ESC - Enterprise Security Center

ESC - Enterprise Security Center

ESC is a system house specializing exclusively in IT security - Security Implementation & Optimization, Operations, Managed Security Services.

Team Secure

Team Secure

Team Secure provide Enterprise-grade Cyber Security consultancy, managed security services and cyber security staffing services.

RevealSecurity

RevealSecurity

RevealSecurity's TrackerIQ detects malicious activities in enterprise applications.

Pillr

Pillr

Pillr is a cybersecurity operations platform capable of adapting to the demands of your business and team — and the global threat landscape.

TempoCap

TempoCap

TempoCap is a European growth-stage technology fund with offices in London and Berlin. We invest across a variety of high- growth sectors including cybersecurity.

Ofcom

Ofcom

Ofcom is the UK's communications regulator. We regulate the TV, radio and video on demand sectors, fixed line telecoms, mobiles, postal services, plus the airwaves over which wireless devices operate.

Bulletproof Solutions

Bulletproof Solutions

Bulletproof provides IT expert support, services, and guidance to businesses small and large as they grow and adapt to today’s complex IT, cybersecurity, and compliance needs.

Bell Canada

Bell Canada

Bell is the leading provider of network and communications services for Canadian businesses and the partner for delivering network, IoT, cloud, voice, collaboration and security solutions.