In its annual review of global security threats, Websense Inc., says a major trend it observed last year is that more malware connections, hosting and phishing appear to be occurring in the United States and Canada.
“Fifty per cent of malware connections lead to the U.S.,” says Charles Renert, vice president of Websense Security Labs. According to the 2012 Websense Threat Report, Canada’s malware ranking has also zoomed upward in the past year, so the country now clocks in at No. 2 at 13.2 per cent. The countries in the top five ranking include Germany at 5.4 per cent, the Netherlands at 4.9 per cent and China at 4.1 per cent.
China and Russia used to be much bigger in the rankings, according to Websense, but since organizations have been more often blocking IP ranges for these countries, cybercriminals have turned to getting malware closer to their victims by exploiting trusted networks, such as social-networking sites.
The Websense report says the U.S. is the top country at 36.3 per cent, followed by Russia at 14.7 per cent, France at 13.2 per cent, Germany at 7.0 per cent, and Singapore at 3.4 per cent in a tally of the top five where malware hosting occurs. The top five countries for phishing are said to be the U.S. at 59.9 per cent, followed by Canada at 9.8 per cent, Egypt at 6.8 per cent, Germany at 2.3 per cent and the United Kingdom at 1.8 per cent.
“It’s all about social engineering and the lures,” Renert says.
Social networks such as Facebook, Twitter and Google have become prime targets for malware attacks of all kinds on their users, he notes. A commonplace example is the “video lure” to a compromised site, which is a type of attack increasing on Facebook, he notes.
“Having more than six out of 10 malicious web sites on compromised hosts is unacceptable to a society that is moving to the cloud as a backbone for commerce, communications and culture,” the report says.
While the threat report is a summary of perceived trends that dominated 2011, Websense is also venturing out with predictions for the future. Perhaps not surprisingly, one of them is that “Your social media identity may prove more valuable to cybercriminals than your credit cards. Bad guys will actively buy and sell social media credentials in online forums.”
Ellen Messmer is senior editor at Network World, an IDG publication and Web site, where she covers news and technology trends related to information security.