The current threat landscape | SC Media

The current threat landscape

September 24, 2009

Malicious activity is increasing in countries with rapidly emerging internet infrastructures.

In 2008, the percentage of overall malicious activity decreased for countries with well-developed broadband infrastructures and increased for virtually every other country in the top 10. 

  • Malicious activity usually affects computers that are connected to high-speed broadband Internet because these connections are attractive targets for attackers.
  • Broadband connections provide larger bandwidth capacities than other connection types, faster speeds, the potential of constantly connected systems, and typically more stable connections
  • The top three countries for malicious activity—the United States, China and Germany—also have extensively developed and growing broadband infrastructures.
  • Countries that have rapidly growing Internet infrastructures and growing broadband populations are likely to see increasing levels of malicious activity until security protocols and measures are improved to counter these activities.
  • As in 2007, the United States, China and Germany were the countries with the highest percentage of malicious activity in 2008, with 23 percent, 9 percent, and 6 percent respectively. However, these levels were down from 2007 levels, which were at 26 percent for the United States, 11 percent for China and 7 percent for Germany.
  • China passed the United States for the largest number of broadband subscribers for the first time in 2008, with 21 percent of the worldwide total (or 83.3 million subscribers); the United States was second with 20 percent, while Germany was fourth with 6 percent.
  • With the exception of France and Italy, every other country in the top 10 experienced increasing levels of malicious activity from 2007 to 2008. These include the United Kingdom (up from 4 percent in 2007 to 5 percent in 2008); Brazil and Spain (each up from 3 percent in 2007 to 4 percent in 2008); and Turkey and Poland (each up from 2 percent in 2007 to 3 percent in 2008).

Web-based attacks are the primary vector for malicious activity over the Internet.

The commonness of Web applications along with the ubiquity of easy-to-exploit Web application vulnerabilities have resulted in the prevalence of web-based threats.

  • Web-based attacks are a major threat to computer networks for both enterprises and consumers; the covert nature of these types of attacks makes them very difficult to mitigate because most users are unaware they were being attacked. Organizations then are confronted with the complex task of having to detect and filter attack traffic from legitimate traffic.
  • Because many organizations are reliant on Web-based tools and applications to conduct business, it is likely that the web will continue to be the primary conduit for attack activity favored by malicious code developers.
  • With web-based threats, attackers wanting to take advantage of client-side vulnerabilities no longer need to actively compromise specific networks to gain access to those computers; instead, they can attack and compromise websites in order to mount additional, client-side attacks.
  • Most of these types of attacks target specific vulnerabilities or weaknesses in web browsers or other client-side applications that process content originating from the Web.
  • Web-based attacks may involve social engineering to entice a victim to view a malicious website, but most attacks exploit trusted high-traffic Websites.
  • Web-based threats have not only become widespread, they also have increased in sophistication and severity.
  • Dynamic sites are prime targets for attackers using bot-infected computers to propagate and host malicious content since Web application and site-specific vulnerabilities can put these types of sites at risk.
prestitial ad