By JORDAN ROBERTSON, AP Technology Writer
The United States generates more malicious computer activity than any
other country, and sophisticated hackers worldwide are banding
together in highly efficient crime rings, according to a new report.
Researchers at Cupertino-based Symantec Corp. also found that fierce
competition in the criminal underworld is driving down prices for
stolen financial information.
Criminals may purchase verified credit card numbers for as little as
$1, and they can buy a complete identity -- a date of birth and
U.S. bank account, credit card and government-issued identification
numbers -- for $14, according to Symantec's twice-yearly Internet
Security Threat Report released Monday.
Researchers at the security software company found that about a third
of all computer attacks worldwide in the second half of 2006
originated from machines in the United States. That makes the United
States the most fertile breeding ground for threats such as spam,
phishing and malicious code -- easily surpassing runners-up China,
which generates 10 percent of attacks, and Germany, which generates 7
percent.
The United States also leads in "bot network activity." Bots are
compromised computers controlled remotely and operating in concert to
pump out spam or perform other nefarious acts.
The legitimate owner of the computer typically doesn't know the
machine has been taken over -- and the phenomenon is largely
responsible for the palpable increase in junk e-mail in the past half
year.
Spam made up 59 percent of all e-mail traffic Symantec
monitored. That's up 5 percentage points from the previous
period. Much of the spam was related to stock picks and other
financial scams.
The United States is also home to more than half of the world's
"underground economy servers" -- typically corporate computers that
have been commandeered to facilitate clandestine transactions
involving stolen data and may be compromised for as little as two
hours or as long as two weeks, according to the report.
The study marks the first time Symantec researchers have studied the
national origins of computer attacks. The report focused on attacks
during the last half of 2006 on more than 120 million computers
running Symantec antivirus software. The company operates more than 2
million decoy e-mail accounts designed to attract messages from around
the world to identify spam and phishing activity.
Alfred Huger, vice president of Symantec Security Response, said
online criminals appear to be adopting more sophisticated means of
"self-policing." They're launching denial-of-service attacks on
rivals' servers and posting pictures online of competitors' faces.
"It's ruthless, highly organized and highly evolved," Huger said.
One of the most startling findings: The worldwide number of
bot-infected computers rose -- an increase of about 29 percent from
the previous six months, to more than 6 million computers total --
while the number of servers controlling them plunged. The number of
such "command-and-control" servers declined by about 25 percent to
around 4,700.
Symantec researchers said the decrease signifies that bot network
owners are consolidating to expand their networks, creating a more
centralized, efficient structure for launching attacks.
Twenty-six percent of the world's bot-infected computers were in
China, a higher percentage than any other country.
According to Symantec, Microsoft Corp.'s Internet Explorer was the
most-targeted Web browser, attracting 77 percent of all browser
attacks.
Symantec said it expects to see more threats begin to emerge against
Microsoft's Vista operating system. It also expects multiplayer online
games to be targeted by phishers, who fool users into divulging
passwords or other personal information by creating fake Web sites
that look like the real thing.
Copyright 2007 The Associated Press.
NOTE: For more telecom/internet/networking/computer news from the
daily media, check out our feature 'Telecom Digest Extra' each day at
http://telecom-digest.org/td-extra/more-news.html . Hundreds of new
articles daily. And, discuss this and other topics in our forum at
http://telecom-digest.org/forum (or)
http://telecom-digest.org/chat/index.html
For more news and headlines each day, please go to:
http://telecom-digest.org/td-extra/AP.html
Jordan Robertson, AP (ap@telecom-digest.org)