UAE less susceptible to malicious attacks

The UAE has improved its global ranking in the malicious attacks index for the second year in a row, having moved two spots – from 38th in the world to 40th – in the list of most-targeted countries, according to a report by global internet security company Symantec.

Symantec's 14th edition of its Internet Security Threat Report (ISTR) ranked Saudi Arabia first in the GCC for online attacks. The report found that most GCC countries had improved their internet security and were not as highly ranked for attacks on a global level as they were in the 2008 report, with the exception of Qatar, which was ranked 78th last year and is 69th in 2009.

When quantifying spam and phishing attacks, the report singles out the UAE as the top-ranked country in the region closely followed by Qatar and Saudi Arabia. Six of the top 10 countries responsible for originating web-based attacks in 2008 were from the Emea region (Europe, Middle East, and Africa) accounting for 45 per cent of the worldwide total – more than any other region. The report indicated that globally malicious code activity continued to grow at a record pace throughout 2008, primarily targeting confidential information of computer users.

According to the company's ISTR XIV, Symantec created more than 1.6 million new malicious code signatures in 2008. This equates to more than 60 per cent of the total malicious code signatures ever created by Symantec – a response to the rapidly increasing volume and proliferation of new malicious code threats. These signatures helped Symantec block an average of more than 245 million attempted malicious code attacks across the globe each month during 2008.

"As malicious code continues to grow at a record pace we're also seeing that attackers have shifted away from mass distribution of a few threats to micro distribution of millions of distinct threats," said Johnny Karam, Regional Director, Symantec Mena. "Cybercriminals are profiting from creating and distributing customised threats that steal confidential information, particularly bank account credentials and credit card data. While the above ground economy suffers, the underground economy has remained consistently steady."

The report noted that web surfing remained the primary source of new infections in 2008, and that attackers are relying more and more on customised malicious code toolkits to develop and distribute their threats. Furthermore, 90 per cent of all threats detected by Symantec during the study period attempted to steal confidential information. Threats with a keystroke-logging capability – which can be used to steal information such as online bank account credentials – made up 76 per cent of threats to confidential information, up from 72 per cent in 2007.

"The unfortunate reality is that innocent web surfers can visit a compromised website and unknowingly place their personal and financial information at risk," said Marc Fossi, Executive Editor, Symantec ISTR XIV. "Computer users have to be extra vigilant about their security practices."

Web application platforms were common sources of vulnerabilities during the evaluation period. These pre-built software products are designed to simplify the deployment of new websites and are in widespread use around the internet. Many of these platforms were not designed with security in mind and consequently harbour numerous flaws leaving them potentially vulnerable to attack. Of all the vulnerabilities identified in 2008, 63 per cent affected web applications, up from 59 per cent in 2007.

Of the 12,885 site-specific cross-site scripting vulnerabilities reported in 2008 only three per cent (394) had been fixed at the time the report was written. The report also found that web-based attacks originated from countries around the globe, with the most originating from the United States (38 per cent), followed by China (13 per cent) and Ukraine (12 per cent). Six of the top 10 countries where web-based attacks were prominent were from the Emea region – these countries accounted for 45 per cent of the worldwide total, more than any other region. The report found that phishing continued to grow. In 2008, Symantec detected 55,389 phishing website hosts, an increase of 66 per cent over 2007, when Symantec detected 33,428 phishing hosts. Financial services accounted for 76 per cent of phishing lures in 2008 compared to 52 per cent in 2007.

Finally, the report found that the volume of spam continued to grow. Over the past year, Symantec observed a 192 per cent increase in spam detected across the internet as a whole, from 119.6 billion messages in 2007 to 349.6 billion in 2008. In 2008, bot networks were responsible for the distribution of approximately 90 per cent of all spam e-mail.

By the end of 2008, there were more than one million individual computers infected by the worm Downadup (also known as Conficker). This worm was able to spread rapidly across the internet due to a number of advanced propagation mechanisms. The number of Downadup infections worldwide grew to more than three million infected systems during the first quarter of 2009.

According to Symantec data, in 2008, the growth of malicious code activity was the greatest in Emea. In 2008, Symantec observed an average of more than 75,000 active bot-infected computers each day, a 31 per cent increase from 2007.

The report is derived from data collected by millions of internet sensors, first-hand research, and active monitoring of hacker communications. The study period for the ISTR XIV covers January to December 2008.

Keep up with the latest business news from the region with the Emirates Business 24|7 daily newsletter. To subscribe to the newsletter, please click here.

Follow Emirates 24|7 on Google News.