Malware spreads to emerging countries as cyber threats multiply

Thanks to cookie-cutter tools, cyber attacks are multiplying exponentially across the internet, hitting both developed and emerging countries in all regions of the world, according to an annual assessment by security vendor Symantec.

Symantec found that cyber attacks are growing dramatically in countries such as Brazil, India and Russia. The U.S. is still the No. 1 country where computers are attacked, accounting for 19 percent of all malicious code findings. But that stat is down from 23 percent a year ago, according to the 97-page Symantec Global Internet Security Report.

As emerging countries launch broadband networks and new users connect to them, the scourge of phishing, botnets, and other threats is hitting them too.

One reason is that those new users aren’t as savvy about protecting their computers as those where computers have been used for a long time, said Kevin Haley, director of Symantec Security Response.

The attacks are yielding ill-gotten gains such as stolen credit card numbers or online bank accounts, and that in turn fuels a huge underground economy that covers just about every corner of the globe where there are web-connected computers.

As the computers in the emerging countries are compromised, they are brought into botnets, which are herds of computers that hackers use to attack others or even rent out for a fee to other attackers. Botnets consist of thousands or sometimes millions of computers. Each bot can be rented for as little as 3 cents, the report said.

The actual number of bots being identified per day is 46,591. That number is down 38 percent from a year ago, in part because some Internet service providers that supported the botnets have been shut down.

As for attacks on users, the prime goal is phishing, or stealing usernames and passwords in the hopes of gaining access to online bank accounts or personal information. Many phishing attempts are masked as cheap antivirus offers, which fools people into giving out their credit card numbers and personal data. The attackers often exploit holes in common programs such as Internet Explorer or Adobe Reader. The main means for these attacks are malware programs that are generated in near automatic fashion using widely available tool kits such as ZeuS or SpyEye.

Symantec has identified more than 90,000 different variants of malware created with the ZeuS tool kit. It has to come up with a specific signature of each of those variants to be able to block them. And in 2009, Symantec had to create more signatures than it ever had in all of its previous years.

That gives you an idea of the underground economy that has grown up around cyber threats. The company estimates that 130 million credit card numbers were stolen in 2009.Another measure is the price of stolen credit cards, which go for anywhere from 85 cents to $30 per stolen card.

Measures to deal with cyber crime are also getting better, but it’s still hard for security forces to keep up. Cyber criminals are proving to be extremely resilient, coming back time after time with bigger and more sophisticated attacks.