It is not just the IT vendors that are consolidating: the hackers, spam writers, ID thieves, phishing scammers and the bot-network builders are doing the same.
Dean Turner, the executive editor of Symantec Corp.‘s Global Internet Security Threat report, said that data he has gathered over the past six month indicates that malware creators are banding together.
It is also one of the prime reasons why the U.S. saw a decline in the number of command and control servers by two per cent. The U.S. still has 40 per cent of the world’s command and control servers (4,746). Overall command and control servers decreased by 25 per cent — all due to consolidation amongst the criminal groups.
“All that the criminals have done is leveraged the technology. They have just moved from the real world to the virtual world,” Turner said.
During the current reporting period, Turner observed an average of 63,912 active bot network computers per day, an 11 per cent increase over the first half of the year. The worldwide total of distinct bot-infected computers rose to more than 6,049,594, a 29 per cent increase.
As for the rest of the threats Turner said the situation is not getting any better. The number of threats has increased by a whopping 300 per cent since 2005. The only difference Turner points out is that for the most part none of these threats make any noise.
“There is money to be made and it is all about cash. The noisy attacks gets noticed,” Turner added.
Turner described the consolidated group as a thriving ecosystem that generates lots of money. He would go as far to say that these consolidating groups are members of organized crime. However, he did not dismiss the notion either.
He added that while these consolidating groups are causing several data threats and leaks within many world economies they are not yet working together in a global coordinated effort.
Turner puts the 120-page report together from empirical data. While Turner works for Symantec he does not recommend any technology. “This is not a marketing tool,” he said emphatically. He and his team use 40,000 sensors around the world to collect the data along with two million decoy accounts to analysis spam and phishing.
The U.S. ranks tops in every category. They have 31 per cent of the world’s Internet activity and China will pass the U.S. in the next 12 to 18 months. Canada came in fifth.
“Canada ranks pretty high in malicious activity and it’s hard to peg down why. Maybe its legislation, but technological sophistication of the user base in Canada, the U.S. and Israel is high. There are pretty tech savvy with their home PCs,” Turner said.
The government sector accounted for the majority of data breaches with 25 per cent more than education, which came in second. There are several reasons why government data is targeted such as they have legacy systems, older software, but the main reason is that the data is more valuable.
“So getting into one government machine gets you a lot more,” Turner said.
Another scary statistic form the report was that the FBI in the U.S. has been losing 3.5 laptops per month since 2002. And, 81 per cent of companies reported laptop theft since 2002 as well. About 28, per cent of data threats and loss is to insecure policy such as internal Web sites, Wikis, USB keys.
“There is a lot more telecommuting and VPNs, cellphones, PDA and you should ask yourself where is the end point? When connected we are not securing them to networks,” Turner said.