India had the fifth highest number of broadband subscribers in the APJ region in 2008 and the third highest volume of malicious activity.
Wednesday, April 22, 2009: Malicious code activity continued to grow at a record pace throughout 2008, primarily targeting confidential information of computer users. According to its Internet Security Threat Report Volume (ISTR) XIV, Symantec created more than 1.6 million new malicious code signatures in 2008. This equates to more than 60 per cent of the total malicious code signatures ever created by Symantec -- a response to the rapidly increasing volume and proliferation of new malicious code threats. These signatures helped Symantec block an average of more than 245 million attempted malicious code attacks across the globe each month during 2008.
According to the report, Web surfing remained the primary source of new infections in 2008, and that attackers are relying more and more on customized malicious code toolkits to develop and distribute their threats.
In tune with the global trends, India too saw a substantial increase in its proportion of malicious activity in almost every category. India had the fifth highest number of broadband subscribers in the APJ region in 2008 and the third highest volume of malicious activity, with 10 per cent of the regional total. Computers from the United States and China were the leading source of Web-based attacks targeting India, accounting for 84 per cent and 5 per cent respectively.
"Due to a rapidly growing Internet infrastructure, a burgeoning broadband population and rampant software piracy, India is expected to witness increased malicious activities," said Vishal Dhupar, managing director, Symantec India. "Unless enterprises improve security protocols and measures to counter malicious activities, India will continue to be a soft target of Internet threats."
According to the report, India had an average of 836 bots per day during 2008 and there were 1,03,812 distinct bot-infected computers observed in the country during the period (January 2008 to December 2008). This was a staggering increase of nearly 250 per cent from the previous Internet Security Threat Report.
Globally, in 2008, Symantec observed an average of more than 75,000 active bot-infected computers each day, a 31 per cent increase from 2007. India also saw a huge surge in bot command and control servers from 40 in 2007 to 70 in 2008. Bot command-and-control (C&C) servers are computers that botnet owners use to relay commands to bot-infected computers on their networks. The sharp increase in bot-infected computers in India points towards low adoption of security measure that includes anti-malware, intrusion prevention, and intrusion detection.
Amongst the cities in India with the highest number of bot-infected computers, Mumbai figured at the top with 37 per cent followed by Chennai at 24 per cent, and Delhi at 7 per cent.
Another alarming trend for Internet users in India is the threat landscape being heavily infested with worms and viruses. In the APJ region, India ranked first on worms and viruses attacks prevalence chart. Nine of the top 10 malcodes found in India consisted of worms (55 per cent) and viruses (15 per cent) that disabled security related processes, downloaded additional threats and stole confidential information.
While the global averages for worms and virus attacks increased only marginally, India continued to rank high on these vectors of infection. A perfect case in point was the Downadup/Conficker worm, which left over thousands of computers in India infected during the initial stages of attack.
Sixty-five per cent of worms and viruses in Indian enterprises are propagated through the file sharing/executables mechanism. This indicates that endpoint security and policy are still missing in many organisations as this level of security protection would have allowed IT administrators to scan removable drives for threats.
Over the past year, Symantec observed a 192 per cent increase in spam detected across the Internet as a whole, from 119.6 billion messages in 2007 to 349.6 billion in 2008. The report found that phishing continued to grow. In 2008, Symantec detected 55,389 phishing Web site hosts, an increase of 66 percent over 2007, when Symantec detected 33,428 phishing hosts.
Twelve per cent of spam detected in APJ in 2008 originated in India, making it the third-ranked country for this category.