IT security and data protection firm Sophos has published the mid-year 2010 Security Threat Report, on a survey* into attitudes towards cyberwarfare and detailing other trends and developments in IT security for the first half of 2010.
Sophos’s worldwide survey of 1077 computer users uncovers some alarming attitudes towards international cyber-espionage. Respondents were asked questions including whether they thought spying via hacking or malware attacks is an acceptable practice and if the computer networks of private companies in other countries are legitimate targets.
Some of the findings of the survey indicate a relaxed attitude to state-sponsored cybercrime:
* 63% of those polled believe that it is acceptable for their country to spy on other nations by hacking or installing malware (23% said yes at any time. 40% said only during wartime, 37% said no)
* one in 14 respondents believe that crippling denial of service attacks against another country’s communication or financial websites are acceptable during peacetime (49% said only in wartime, 44% said never)
* 32% believe that countries should be allowed to plant malware and hack into private foreign companies in order to spy for economic advantage (23% said this was only acceptable in wartime, 9% said in peacetime, 68% said no)
"It’s perhaps surprising that so many people seem to think that using the internet as a tool for spying, or even as a weapon, is acceptable practice," said Graham Cluley, senior technology consultant at Sophos. "After all, by giving the green light to these kind of activities you’d also have to expect to be on the receiving end too. Maybe yours will be the next company probed by an overseas power?"
‘Operation Aurora’, which first came to light at the start of the year, resulted in Google accusing Chinese hackers of cyberwarfare, as its systems, and those of other companies, were hit with targeted attacks, potentially signalling the most obvious sign yet of a new age of malware.
"Hacking and virus-writing began as a hobbyist activity, often designed to prove how smart the programmer was, rather than to cause serious long-term harm," continued Cluley. "It evolved into organised criminal activity, with the lure of large amounts of money and now, in 2010, it could be argued that the third motivation is using malware and the internet to gain commercial, political and military advantage over others."
US malware
The US is still the top country where malware-hosting websites can be found. These are websites that have been set up with the explicit intention of infecting visitors, or legitimate websites that have been compromised by hackers. Often, aggressive search engine optimisation (SEO) techniques are used to push infected websites to the top of search results, increasing the rate of traffic to malware-hosting pages, infecting more web users.
Top 10 malware-hosting countries, Jan-Jun 2010
Host Country Percentage
United States 42.29%
China 10.75%
Russia 6.13%
Germany 4.08%
France 3.92%
United Kingdom 2.41%
Italy 2.09%
Netherlands 1.76%
Turkey 1.74%
Iran 1.53%
Other 23.3%
"Although website owners in the US clearly have a lot of cleaning up to do, France, Italy and the Netherlands have all joined this top ten since the start of the year, so it’s far from an isolated problem," continued Cluley. "The biggest issue is that a lot of these websites are legitimate ones that have been targeted by hackers – businesses could end up infecting their customers, leaving them open to fraud."
The full mid-year 2010 Security Threat Report contains more information on social networking, malware and spam threats, as well as predictions for emerging trends, and can be downloaded free from the Sophos website: http://www.sophos.com/trmy10
*Sophos online survey, 1077 respondents.
