Cyber attacks more in US

The U.S. remains both a center and target of cybercrime. Eighty-six percent of the credit and debit cards advertised for sale on the digital underground were issued by banks in the U.S.
Symantec recorded an average of 5,213 denial-of-service (DoS) attacks per day, down from 6,110 in the first half of the year. Systems in the U.S. were the target of most DoS attacks, accounting for more than half (52 percent) of the worldwide total.

Ollie Whitehouse, Symantec research scientist and one of the authors of the report, said that hackers are becoming increasingly sophisticated in the tactics they use to gain control of vulnerable systems. He said the increased use of unpatched (zero-day) vulnerabilities, which occurred regularly during the second half of 2006, provided evidence of this trend.

During the second half of 2006, 23 percent of the 1,318 documented malicious code samples exploited vulnerabilities. Many of these attacks targeted web browser security bugs.

Symantec documented 54 vulnerabilities in Microsoft Internet Explorer, 40 in the Mozilla browsers, and four each in Apple Safari and Opera over the report period. Mozilla did the best job of the browser suppliers in fixing flaws, taking an average of two days to develop an update. Internet Explorer was targeted by 77 percent of attacks specifically targeting Web browsers.

Spam, spam, spam....Spam and in particular phishing attacks that attempt to trick users into handing over account credentials remained a problem during the reporting period. Symantec blocked over 1.5 billion phishing messages in the second half of 2006, an increase of 19 percent over the first half of 2006.

Forty-six percent of all known phishing sites were located in the U.S., a much higher proportion than in any other country. The U.K. had the second highest number of phishing Web sites in and third highest in the world, beyond the U.S. and Germany. Karlsruhe in Germany was the city which hosted the highest number of phishing Web sites.

During the last six months of 2006, 44 percent of all spam detected worldwide originated in the U.S.

Looking ahead, Symantec expects to see more threats begin to appear on Windows Vista, with a focus on vulnerabilities, malware and attacks against the Teredo platform. Symantec also expects that attackers will focus on third-party applications that run on Vista.

The net security giant expects phishing fraudsters to expand beyond the regular targets of online banks and eBay to new industry sectors, such as multiplayer online games. It also reckons that spam and phishing will increasingly target SMS and MMS on mobile platforms.