bodyType

customContents

entityId

entityUuid

articlePageQuery

filter

article

articleBaseAdvertisingInfoArticle

articleListArticle

articleSeoArticle

helpersCheckIsPostiesArticle

hooksArticleAcknowledgementGateOverlayArticle

hooksTrackPageViewArticle

hooksContentInterestArticle

articleLinkingDataContent

hooksAmpRedirectArticle

articleSchemaContent

liveArticle

advertZone

sentiment

contentLock

topics

types

sections

paywallTypes

createdDate

publishedDate

moreOnThisArticles

urlAlias

commentCount

authorLocations

authors

corrections

sponsorType

displaySlideShow

multimediaEmbed

printHeadline

seriesContainer

articleSpeeches

socialHeadline

headline

images

flag

firstTopic

glossary

flattenTypeIds

additionalInfoBoxes

quizIds

image

relatedLinks

relatedNewsletters

__typename

sponsor

pdfFiles

seriesReverseOrder

series

disableOffPlatformContent

published

updatedDate

summary

subHeadline

body

keywords

readingTime

customTimezone

liveContents

SCMP Reporter

Assault on PCs reaches plague proportions in Hong Kong as malicious code writers switch focus

A stealth digital invasion of personal computers around the world has intensified, with schools, small businesses and financial services firms hit by waves of botnet, spam, spyware, phishing and virus attacks in the first half of this year.

The latest edition of Symantec's bi-annual Internet Security Threat Report found malicious code attacks shifting from large, multipurpose offensives to focused incursions on smaller targets, using networks of compromised or zombie personal computers called botnets.

The report named Seoul, Beijing, Taipei, Guangzhou and Hong Kong as cities with the most bot-infected computers in Asia.

With links to criminal organisations, spammers and virus writers are collaborating to create botnets to launch spam, phishing and other malicious programs for profit. Several bot programs are covertly installed on many vulnerable internet-connected computers by attackers who remotely target new system weaknesses and add more botnets.

'Bot networks are also a source of income because they are available for purchase or rent,' said Steven Leonard,  Symantec vice-president for Asia-Pacific and Japan.

Attackers direct botnets, which can number in the hundreds of thousands, to operate in a co-ordinated fashion to commit felonious acts such as identity theft, extortion and fraud.

'It is reasonable to assume that as the financial rewards increase attackers will develop more sophisticated and stealthier malicious code that will attempt to disable anti-virus [programs], firewalls and other security measures,' Mr Leonard said.

Based on network activity tracked by its 24,000 sensors in more than 180 countries in the first half of the year, Symantec documented 1,862 new 'vulnerabilities' worldwide - the highest six-month figure of system weaknesses recorded by the company.

Education was the most frequently targeted industry, followed by small business and financial services.

Roy Ko Wai-tak,  manager of the government-funded Hong Kong Computer Emergency Response Team Co-operation Centre, said local security incident reports as of last month totalled 1,629, which was less than in previous years.

'But the low number of incidents reported could have been because people did not know their computers were already compromised,' Mr Ko said.

Symantec detected an average of 10,352 active botnet computers per day worldwide in the first half, up more than 140 per cent from 4,348 a day recorded in the second half of last year. Gaobot was the most frequently cited malicious code in Asia.

The global volume of phishing - bogus messages used to lure recipients to divulge their personal financial details - also grew from an average of 2.99 million messages a day to 5.70 million. That meant one out of every 125 e-mail messages was a phishing attempt.

In Hong Kong, police figures showed false bank websites used for phishing were found on computer servers at 35 schools in June and July this year. During that period, the Hong Kong Monetary Authority reported about 10 fraudulent banking websites.

Symantec reported spam made up 61 per cent of global e-mail traffic, 23 per cent of which originated in Asia.

It said six of the top 10 spyware programs reported in the first half were bundled with other programs, and six were installed through Web browsers. Adware made up 8 per cent of the top 50 reported malicious programs, up from 5 per cent from the previous six-months.

Denial of service attacks - where servers that run websites are disabled with unwanted data traffic for extortion purposes - grew from an average of 119 per day to 927 per day in the first half, a 680 per cent increase over the previous reporting period.



Stealth attacks target small firms