Skip Links

Network World

  • Social Web 
  • Email 
  • Close

More evidence of U.S. as malware capital

By Matt Hines , InfoWorld , 03/26/2007

Contrary to beliefs that overseas crime networks and unemployed computer programmers in Eastern Europe remain the leading sources of virus code on the Internet, new research supports the growing perception that the United States is producing greater volumes of malware code than any other region of the planet.

According to security hardware maker Finjan's latest Web Security Trends Report -- which analyzes data collected by the San Jose-based firm over the first three months of 2007 -- more than 80% of the Web sites it found to be distributing malicious code were hosted on servers located in the U.S.

Although Finjan officials concede that much of the malware distributed by those sites may indeed be written and controlled by hackers operating outside of the U.S., the results indicate that efforts by legislators and law enforcement officials to crack down on illegal computing activity in the nation may not yet be succeeding.

According to the Q1 Finjan report, published on March 26, the United Kingdom ranked second in the list of countries hosting infected sites, accounting for roughly 10 percent, followed by Canada, Germany, and Italy. Noticeably absent from the top of the rankings are Russia and China, which have been widely perceived in recent years as leading sources of malware worldwide.

Finjan'sresults jibe with rival Symantec's latest Internet Security Threat Report -- released earlier this month -- which also maintains that attacks are increasingly emanating from sources in the United States. Symantec's research, which focused on all types of threats, not just Web-based attacks, reported that the U.S. is the source of about 31% of all malware and phishing schemes.

The reason why so many threats are coming from sites hosted in the U.S. and other relatively wealthy nations -- most of which have stricter laws in place to combat such efforts than their developing neighbors -- is simple, said Yuval Ben-Itzhak, chief technology officer at Finjan.

No matter what region the code writers live in, he said, attackers are flocking to markets where the most money is changing hands to carry out their crimeware schemes, and increasingly doing so by hijacking legitimate URLs to pass out their work.

"If you look back at many reports over the last few years, the perception has been that the malware is coming from Russia and other areas where laws are fewer and harder to enforce, but when we analyzed the live end-user content, we realized that a vast majority of malware was coming from servers in the U.S. where there are advanced laws and practices," Ben-Itzhak said.

Partner Content

Brilliantly simple security and control solutions for email, web and endpoint

www.sophos.com

Stopping data leakage

Learn how to exploit your current security investment to control the information that flows into, through and out of your network.

Download the white paper.

Why detection rates aren't enough

Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask to prospective vendors to get the right endpoint solution.

Download the white paper.

Unauthorized applications: Taking back control

Employees installing and using unauthorized applications like IM, VoIP, games and peer-to-peer file-sharing applications cause many businesses serious concern. How do you control these applications?

Download the white paper.

Comments (1)
Login
Forgot your account info?

Pretty clear Finjan doesn't get itBy Anonymous on March 28, 2007, 7:38 pmBots, and sites HIJACKED by companies operating overseas are causing these issues. Yes the sites and bots may be in the US, that isn't the point of anything the...

Reply | Read entire comment

View all comments

Add comment
Anonymous comments subject to approval. Register here for member benefits.
Have a NetworkWorld account? Log in here. Register now for a free account.

Videos

rssRss Feed
Get instant email notification when white papers, webcasts, executive guides are added to our library. Stay informed and up-to-date with the latest on IT Technologies with Network World's Resource Alerts.

Whitepapers

Advancing the Economics of Networking

Aging network systems and old habits have dictated how businesses spend their IT budgets. As a...

Implementing HA at the Enterprise Data Center Edge to Connect to a Large Number of Branch Offices

This paper reviews the problem of creating a network where the dynamic availability of services is...

Enterprise Data Center Network Reference Architecture

Using a High Performance Network Backbone to Meet the Requirements of the Modern Enterprise Data...

Webcasts

PoE Plus: Impact on the PoE Market

The standard for Power over Ethernet (PoE), IEEE Std. 802.3af(tm)-2003, advanced networking,...

Harnessing the power of communications to increase workplace performance

Due to the convergence of IT and telecommunications technologies, the business workplace has been...

Stay out of the headlines: Detecting and preventing network intrusions

How do YOU stay out of the headlines? There is no denying that risk exists in our computer-driven...

Special Reports

The Evolution of Network Security

We have so many holes punched in our firewalls today that many industry insiders question the value...

IP address management in 2008 - six things to know

Read this Network World Special Brief to learn how Enterprise IT managers must update their...

The self-managed network

We aren't there yet, but advances in network and systems management tools are making it possible to...