US Is Still the Biggest Source of Surging Malware Attacks


Contrary to popular perception, a majority of the cyber attacks on US companies originate from inside the country rather than from the outside.
For all the attention placed on state-sponsored actors and cybercrime gangs in Russia, China and Eastern Europe, nearly a third of the IP addresses associated with malicious activity and 48 percent of malicious URLs are US-based, a report from security vendor Webroot shows. Over 75 percent of all phishing sites are hosted on servers inside the country, the report noted.
The Webroot report is based on an analysis of information gathered by the company’s BrightCloud threat intelligence service. It showed that malware, and the infrastructure for hosting and distributing it, is growing fast.
On average, there are a staggering 12 million malicious IP addresses operating on the Internet on any given day, with 85,000 new addresses being launched daily. While the IP addresses come from all over the world, over 30 percent of them are from the US, followed by China with 23 percent and Russia with 10 percent.
When Webroot looked at where malicious URLs are located, Russia and China were barely on the list, while the US topped it with France in a distant second place.
“The United States is the number one source of attacks, number one in terms of attack victims and number one in terms of attackers,” said Mike Malloy, executive vice president of products and strategy at Webroot.
One reason why so many malicious URLs are located in the US could simply be that malicious attackers know that URLs in high-risk countries are automatically blocked by geo-filtering services, he said.
The top five companies impersonated by phishing sites in 2014 were Google, Facebook, Yahoo, Apple and Dropbox. The reason why phishers have gravitated towards such sites is pretty simple, Malloy says.
“The credentials to these sites are often the master password to a bunch of other applications,” Malloy said. “There are a lot of applications that ask whether you want to log in with your Facebook ID or your Google ID,” he said. By gaining access to the usernames and passwords to these sites, phishers often can unlock numerous other accounts as well, he said.
Somewhat less surprisingly, Webroot research also showed that Internet users are under growing siege from a variety of malware threats. In December 2014, the company noted an over 50 percent increase in phishing activity, most likely as a result of the holiday season. The company determined that the average Internet user has a 30 percent chance of falling victim to a phishing attack involving a zero-day threat for which no remediation is available.
Meanwhile, the number of trustworthy mobile applications fell from 52 percent of all applications in 2013 to 28 percent in 2014. About 50 percent were moderately trustworthy, or suspicious, while the remainder were outright malicious or unwanted. The data shows that threats are extremely dynamic in nature and that IP address blacklists need to be updated constantly to keep up with new attacks and attackers, Webroot said.
Dark Reading: http://ubm.io/1DOZciM
