Asia's cybercrime hits home

Led by China, the region contributed more than 20 percent of the world's total malicious activity, reveals new Symantec study.

SINGAPORE--More than 20 percent of malicious activities in the world originated from the Asia-Pacific region during the second half of 2006, according to a Symantec study.

Released today, the Symantec Asia-Pacific Internet Security Threat report determined that Asian countries made up four of the world's top 10 countries which recorded the highest number of malicious activities.

China accounted for 11 percent of malicious activities worldwide, while Japan, South Korea and Taiwan, collectively, accounted for 7 percent of such activities which included spam, Internet attacks and bot attacks. Other Asian countries included in the study are Thailand, Singapore, Malaysia, Indonesia, Australia and New Zealand.

China accounted for 19 percent of malicious activities in the region. It is also top location from which malicious codes, spam hosts, Internet attacks and bot attacks originated. South Korea (5 percent) and Taiwan (3 percent) are in second and third positions, respectively.

However, Ronnie Ng, manager of pre-sales consulting at Symantec Singapore, noted that in terms of malicious activity per Internet user, China is ranked seventh in the list of Asia-Pacific countries.

Ng presented the findings of the study during a media briefing today, noting that while the amount of malicious activity in China is higher than other countries, the country also has a large number of Internet users. This means China's malicious activity per user will be lower. By comparison, Singapore--with its small population--is ranked second in terms of the level of malicious activity per user, Ng said, adding that Taiwan has the highest level of such activities per user.

"That doesn't mean Singapore has a high level of malicious activity," Ng said. He added that the city-state contributes 2 percent to the amount of malicious activity in the region. "It just means that an Internet user in Singapore may be more subjected to malicious activity," he said.

The Symantec report based its findings on reviews of over 2 million decoy e-mail accounts that attract e-mail from more than 20 countries.

It also collected data from over 40,000 sensors deployed in more than 180 countries, as well as a database that covers more than 20,000 vulnerabilities which affect technologies from over 4,000 vendors.

From the data, Symantec found that China is also most frequently targeted by denial-of-service (DoS) attacks, crippling networks and Web sites, which accounted for 63 percent of attacks during the period that was monitored.

"The reason why China is at the top of the list is because of the large number of Web sites hosted in China," Ng said, adding that South Korea was the next most targeted country, accounting for 13 percent of DoS attacks in the region.

In addition, Symantec also observed an average of 19,095 active bot-infected computers per day in the Asia-Pacific region. On average, the region accounted for about 30 percent of active bots worldwide.

Not surprisingly, 71 percent of bot-infected computers in the region were in China. Because the country has the highest number of broadband users in the region, more Internet users are likely to keep their PCs turned on all the time, giving hackers more opportunities opportunity to hijack their machines, he said.

Among cities in Asia, Beijing, Guangzhou, Hangzhou, Shanghai and Ningbo--all of which are in China--were the top four locations with the most number of bot-infected computers in the region, according to the report.

Elsewhere in Asia, Japan was home to the highest percentage of phishing Web sites in the Asia-Pacific region. "Japan is also home to the second largest number of Web hosting companies in Asia," Ng said.

"In Japan, there are a lot of small Web hosting companies, which [are easy targets for phishers] because attacks can go unnoticed for a longer period of time before they're discovered," he said.

On spam, the Symantec study noted that 88 percent of all e-mail messages in the Philippines were spam. This was followed by Vietnam (86 percent), Sri Lanka (86 percent), Laos (85 percent) and Malaysia (84 percent).

Overall, spam made up 69 percent of all Symantec-monitored e-mail traffic in the Asia Pacific region. China contributed the majority--37 percent--of total spam e-mail messages in the region.

China also housed 43 percent of the total number of spam zombies--where systems are hijacked and used to spam other systems--in the region, while South Korea had 15 percent.