Which country has the most malware-infected devices?
Devices with default passwords, infrequent updates and poor security protocols are the first to target, say researchers
New research reveals which countries across Europe, the Middle East and Africa have the largest number of internet-connected devices infected with malware “bots” that allow criminals to use the device as part of co-ordinated cyber attacks.
The research was released by Norton, a division of the security software company Symantec, and found that Turkey had the largest number of “bot” infections. There is one bot for every 1,139 internet users in Turkey, and the country contains 18.5 per cent of all the bots across the EMEA region.
The UK came seventh in the table, but had a much lower density of bots, with one per 4,573 internet users.
Once a device, such as a computer, laptop or smartphone, is infected with a bot, it can be used remotely by criminals as part of a “botnet”, a network of hundreds or thousands of devices, which can be used to commit crimes including denial-of-service attacks in order to cause a website to crash. The device owner may not even know their device is being used in this way.
“Where a bot resides isn’t indicative of where its controlling cybercriminal may live. Botnets are global in nature, and an infected device in Europe could contribute to an attack in Asia, controlled by a cybercriminal in North America. We’d probably have bots attacking from the Antarctic if there was more bandwidth there,” Paul Wood, head of cybersecurity research at Symantec.
Cyber criminals are most likely to target consumer devices that lack security and are easy to infect, according to Nick Shaw, vice president and general manager EMEA at Norton.
“From laptops and mobile phones, to fitness trackers and routers to home security systems, smart TVs and baby monitors, any internet-connected device is a potential target but the ones with default passwords, infrequent updates and poor security protocols are the first to target.”
“To reduce their risk of infection, consumers can change the default device’s credentials, disabling unused services, modifying the privacy settings of the device and ensuring its firmware is up to date.”
The research from Norton raises concerns regarding the internet of things. As more and more appliances become connected, should companies be cautious to implement these innovations?
“Businesses should always consider the security implications of any new investment or integration. Rushing headlong into the latest technology will always have its risks, but the potential gains of internet connected devices are significant,” added Shaw.
“Whilst businesses need to ensure they have a robust security strategy in place, manufacturers of these devices should implement security in the design phase to reduce the potential impact to consumers and businesses. Businesses shouldn’t be scared away but they should absolutely employ caution and think ahead about their approach to integration.”