Study: RP is tops in SEA for Web-based attacks

A recently released report conducted by Internet security firm Symantec has shown that the Philippines is the top country in Southeast Asia for Web-based attacks by origin, ahead of Indonesia, Thailand, and Singapore. Web-based attacks are often launched from computers other than the one the user is visiting through redirection or malicious ads. For instance, an attacker could use a computer based in the Philippines to redirect a user to a specific site or a bogus ad. But Symantec Philippines country manager Luichi Robles said that even if the Philippines has the highest number of Web-based attacks in the region, it does necessarily mean that the attacks actually originated from the country. “The Philippines could have just been used as a launch pad for these Web-based attacks," Robles said in a media briefing. The report said that attackers are employing social engineering techniques to lure unsuspecting users to malicious websites. These websites then attack the victim’s Web browser and vulnerable plug-ins normally used to view video or document files. The report said that attackers globally are employing social engineering techniques, such as when an unsuspecting user is tricked into divulging confidential information or is led into to a malicious website. This website then attacks the victim’s Web browser and vulnerable plug-ins normally used to view video or document files. In particular, 2009 saw dramatic growth in the number of Web-based attacks targeted at PDF viewers, accounting for 49 percent of observed Web-based attacks. This is a sizeable increase from the 11 percent reported in 2008, the report said. The survey, dubbed “Internet Security Threat Report volume XV," highlighted key trends in cybercrime from January 1, 2009 to December 31, 2009. The report showed that despite the increase in security awareness, there was a continued growth in both the volume and sophistication of cybercrime attacks. The report also included the Philippines as among those included in the top 10 countries in Asia Pacific and Japan (APJ) in the areas of malicious activity, bot-infected computers, phishing URLs and originating spam. The country ranked 10th in malicious activities in APJ, maintaining its rank in 2008. In Southeast Asia, Philippines ranked fourth, behind Thailand, Vietnam, and Indonesia. It maintained its ranking for bot-infected computers at No. 10 in APJ and No. 4 in SEA, in both 2008 and 2009. Bots are covertly installed on a computer to allow hackers to remotely control the machine for a wide variety of malicious purposes such as data breaches and information and identity theft. The number of new users adopting broadband in a country, Symantec said, may be a significant factor in the rate of bot infections. For phishing URLs, the Philippines came in eighth in APJ and second in SEA behind Thailand. The most targeted sector was the financial services segment with 92 percent of phishing URLs detected in the country spoofing financial services industry (FSI) brands. “Attackers were targeting confidential information, especially bank account credentials and credit card information. Such data are highly sourced for and sold at lucrative prices in the underground economy," the report noted. For spam origin, the Philippines landed on the 10th spot in APJ, and fourth in SEA. Overall, the most common type of spam detected in 2009 was related to Internet-related goods and services such as online degrees, which made up 29 percent of all detected spam. Eighty eight percent of all email traffic observed by Symantec was spam, which meant only 12 percent of email was legitimate. Botnets were responsible for approximately 85 percent of all spam, it added. Raymond Goh, regional technical director for systems engineering and customer advisory services at Symantec, underlined the fact that there was an increase in the number of targeted threats focused on enterprises. Goh also noted that attackers have exploited the abundance of personal information openly available on social networking sites to launch socially engineered attacks on key individuals within targeted companies. The executive said malicious activities are taking root in emerging countries with an emerging broadband infrastructure, such as Brazil, India, Poland, Vietnam, and Russia. In 2009, these countries moved up the rankings as a source and target of malicious activity by cybercriminals. The findings from the report suggest that government crackdowns in developed countries have led cybercriminals to launch their attacks from the developing world, where they are less likely to be prosecuted. But it’s not all doom and gloom with the security awareness of computer users still growing, said Goh. “It’s important that we all look at where our information are stored and used. And we have to be vigilant at all times," he said. -- Melvin G. Calimag, GMANews.TV