US Is Still the Biggest Source of Surging Malware Attacks

Uploaded on 2015-05-04 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

webroot-internet-security-paint-drying-small-38488.jpg

Contrary to popular perception, a majority of the cyber attacks on US companies originate from inside the country rather than from the outside.
For all the attention placed on state-sponsored actors and cybercrime gangs in Russia, China and East Europe, nearly a third of the IP addresses associated with malicious activity and 48 percent of malicious URLs are US-based a report from security vendor Webroot shows. Over 75 percent of all phishing sites are hosted on servers inside the country, the report noted.
The Webroot report is based on an analysis of information gathered by the company’s BrightCloud threat intelligence service. It showed that malware and the infrastructure for hosting and distributing it, is growing fast.
On average, there are a staggering 12 million malicious IP addresses operating on the Internet on any give day with 85,000 new addresses being launched daily. While the IP addresses come from all over the world, over 30 percent of them are from the US followed by China with 23 percent and Russia with 10 percent.
 When Webroot looked at where malicious URLs are located, Russia and China were barely on the list while the US topped with France in a distance second place.
 “The United States is the number one source of attacks, number one in terms of attack victims and number one in terms of attackers,” said Mike Malloy, executive vice president of products and strategy at Webroot.
 One reason why so many malicious URLs are located in the US could simply be that malicious attackers know that URLs in high-risk countries are automatically blocked by geo-filtering services, he said.
The top five companies impersonated by phishing sites in 2014 were Google, Facebook, Yahoo, Apple and Dropbox. The reason why phishers have gravitated towards such sites is pretty simple, Malloy says.
“The credentials to these sites are often the master password to a bunch of other applications,” Malloy said. “There are a lot of applications that ask whether you want to log in with your Facebook ID or you Google ID,” he said. By gaining access to the usernames and passwords to these sites, phishers often can unlock numerous other accounts as well, he said.
Somewhat less surprisingly, Webroot research also showed that Internet users are under growing siege from a variety of malware threats. In Dec 2014, the company noted an over 50 percent increase in phishing activity most likely as a result of the holiday season. The company determined that the average Internet user has a 30 percent chance that he or she will fall victim to a phishing attack involving a zero-day threat for which no remediation is available.
Meanwhile, the number of trustworthy mobile applications fell from 52 percent of all applications in 2013 to 28 percent in 2014. About 50 percent were moderately trustworthy, or suspicious, while the remainder were outright malicious or unwanted. The data shows that threats are extremely dynamic in nature and that IP address blacklists need to be updated constantly to keep up with new attacks and attackers, Webroot said.
Dark Reading: http://ubm.io/1DOZciM

« How To Hack a Military Drone
Banking on A Spy: GCHQ Chief to Fight Bank Cybercrime »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Pondurance

Pondurance

Pondurance is an IT Security and Compliance company providing services in Cyber Security, Continuity, Compliance and Threat Management.

Bsquare

Bsquare

Bsquare DataV software and engineering services help enterprises implement business-focused Internet of Things systems.

Payatu

Payatu

Payatu Technologies is a security testing and services company specialized in Software, Application and Infrastructure security assessments and deep technical security training.

IAC

IAC

IAC is a specialist Irecruitment consultancy covering Internal Audit, Risk, Controls, Governance, IT Audit, and Cyber Security roles.

Fortanix

Fortanix

Fortanix Runtime Encryption keeps keys, data, and applications completely protected from external and internal threats.

Redstor

Redstor

Redstor's complete data management helps you discover, manage and control your data from a single control centre, unifying backup and recovery, disaster recovery, archiving and search and insight.

Red Piranha

Red Piranha

Red Piranha's Crystal Eye Unified Threat Management Platform is designed for Managed Service Providers and corporations that need extreme security that is both easy to use and affordable.

Eaton

Eaton

Eaton provides comprehensive cybersecurity services for operational technology (OT) to help keep your operations and personnel safe.

Belcan

Belcan

Belcan is a global supplier of engineering, manufacturing & supply chain, workforce and government IT solutions to customers in the aerospace, defense, automotive, industrial, and private sector.

Digistor

Digistor

Digistor is a leading manufacturer of industrial-grade flash storage products, secure storage products, and Removable Secure Data Storage.

Prancer

Prancer

Prancer is the industry's first cloud-native, self-service SAAS platform for automated security validation and penetration testing in the cloud.

CertNexus

CertNexus

CertNexus is a vendor-neutral certification body, providing emerging technology certifications and micro-credentials for business, data, developer, IT, and security professionals.

Theos Cyber Solutions

Theos Cyber Solutions

Theos Cyber provides service-first cybersecurity solutions to digital businesses in Asia.

DigitalPlatforms

DigitalPlatforms

DigitalPlatforms SpA is an Italian group with the mission of providing end-to-end solutions and Internet of Things and Cyber technologies to companies that manage critical infrastructures.

MIS Solutions

MIS Solutions

MIS Solutions is a managed cloud and IT security partner making technology work for you.

Maveris

Maveris

Maveris is an IT and cybersecurity company committed to helping organizations create secure digital solutions to accelerate their mission.