Symantec: UK and Germany lead Europe for malicious activity
Apparently, Germany is the top location in Europe when it comes to malware, phishing, botnets and other dubious activities, but the UK leads Europe as a source of malicious code. This is according to volume 16 of Symantec's Internet Security Threat Report (ISTR), in which the UK comes top in the overall percentage of malicious activity, with Germany ranking second.
In global rankings though, the positions are swapped with the UK coming fifth and Germany coming third. Symantec says it believes this is due to malicious activity in the UK being focussed on the UK, whilst in Germany, attackers were "more likely to target global systems". The report puts Germany at the top of European nations for botnets and phishing servers. In 2010, Symantec said that it observed 470,000 individual bot-infected computers, and that every fifth European bot computer was said to be located in Germany. According to the security firm, Germany is a preferred logistical centre for deploying viruses, phishing emails and spam which could be due to the country's good internet infrastructure and the higher average balance in German bank accounts.
Symantec's ISTR report states that in 2010, criminals increasingly used exploit toolkits for their attacks. Such toolkits bombard a browser with multiple exploits to infect the user's PC. Criminals using such methods require no particular skills; all they need to do is install a readily assembled toolkit such as Phoenix, NeoSploit or NukeSploit on a server and inject the URLs pointing to this server into other web pages. Such URLs are increasingly deployed via social networks such as Facebook and Twitter, where they tend to appear after having been obscured via URL shorteners. Holes in Java plug-ins were reportedly the main vector for attacks against users in 2010.
Symantec takes a conservative position in terms of smartphone threats. The company said that, although the number of attacks on such devices as iPhones and Android phones has increased, there is only a limited overall threat. In the AV vendor's view, these platforms have not become a major target for cyber criminals because exploits for them only allow a limited amount of revenue to be generated. "While mobile-device Trojans have made attempts at revenue generation through premium-rate services, this is still not as profitable as credit card fraud and the theft of online banking credentials", said Symantec. However, this could reportedly change with the increasing availability of wireless payment solutions for smartphones.
- Symantec Report Finds Cyber Threats Skyrocket in Volume and Sophistication, press release from Symantec.