Sophos has published its Security Threat Report 2009 examining the threat landscape over the last twelve months, and predicting emerging cybercrime trends for 2009.
The Sophos Security Threat Report reveals that more malware is hosted on U.S. websites and more spam is relayed from American computers, than any other country. As evidence of this, when an American Internet company, accused of collaborating with spammers and hackers, was disconnected from the Net in November, there was a staggering 75 percent drop in spam.
Sophos’s research reveals that in 2008 organized criminal gangs tripled their attacks against innocent websites, injecting malicious code to infect visiting home users and businesses. In addition, 2008 has seen concerted campaigns by hackers to pose as legitimate anti-virus vendors, creating new professional-looking websites and applications every day with the intention of scaring users into believing that their computers have been compromised. On average, Sophos identifies five new scareware websites every day, with the figure peaking at over 20 per day on occasion.
The report, which documents the major Internet attacks of 2008, also reveals a startling rise in hackers spamming out malicious attachments, designed to compromise PCs in order to steal identities, money and resources. By the end of 2008, Sophos was tracking five times more malicious attacks arriving through files attached to emails than at the start of the year.
Furthermore, spammers and malware authors have shown a deadly interest in websites like Facebook – breaking into innocent users’ accounts to take advantage of trusted social networks, and send spam and malware.
Internet attacks are overwhelmingly orchestrated via networks of innocent home computers that have – unknown to their owners – been commandeered by hackers. Sophos urges home users and businesses to properly defend their PCs with up-to-date anti-virus software, security patches and firewalls.
In 2007, China was responsible for hosting over 50 percent of all web-based malware. However, in 2008 this position was stolen by the United States.
The top ten list of malware-hosting countries in 2008 reads as follows:
1. United States 37.0%
2. China (incl. HK) 27.7%
3. Russia 9.1%
4. Germany 2.3%
5. S Korea 2.1%
6. Ukraine 1.8%
7. United Kingdom 1.7%
8. Turkey 1.5%
9. Czech Republic 1.3%
10. Thailand 1.2%