- Related Stories
-
China hosts nearly half of all malware sites
September 4, 2007 -
Piracy in China is smart, hilarious, critics say
May 30, 2007
According to Symantec's biannual Internet security threat report released on Wednesday, China topped the Asia-Pacific region, including Japan, in malicious activity, producing the most malicious code, spam zombies, bots and attacks between January 1 and June 30.
China's bot-infected computers made up 78 percent of those in the region. Taiwan had the next highest number of bots, but only at 7 percent.
China's high level of malicious activity can be attributed to its high rate of counterfeit software.
Noting that the majority of China's Windows users use counterfeit versions, Ooi Szu Khiam, a senior security consultant at Symantec Singapore, said during a press briefing: "If you don't have a genuine version, you can't register for patches, and those who don't patch their systems are open to a growing number of exploits."
Ooi added that users become "sitting ducks" as they leave themselves open to malicious attacks by not applying security patches.
Offering another reason for China's vulnerability, Ooi said: "Resources to build infrastructure is finite, so not enough spending may be directed to securing the networks."
Building a proper security system requires a "multiple and mutually supportive defensive system," Ooi said. A security system needs to be secured at all points, including the ISP, network and device.
The amount of spam originating from China, which makes up 25 percent of APJ-originating spam, puts China at the top of the list, Ooi said, noting that this volume is driven largely by the vast number of botnets and spam zombies.
"All you need to do is install a spam plug-in for your botnet, and the botnet is in action," he said. "Many bots are designed to be used mainly to send spam."
Victoria Ho of ZDNet Australia reported from Sydney.
See more CNET content tagged:
China,
bot,
Asia,
region,
activity
The brain dead people at Yahoo still have not released a Yahoo Mail feature that allows customer blocking of email from country level domains. Why should I be forced to see spam email from China? Does Yahoo think I really want to see 20 emails a day hawking Rolex watches and "love pills"?
Let me make my position clear, I am not Chinese and I do not live in China, however I do know a thing or two about internet security threats. Here are some facts for the readers who possibly might read the above article and take it as factual:
(a) As of Sept 20 07 the US is the clear leader in known Spam issues, by 5:1 over China (ref Spamhaus.org).
(b) The internet is global and any quantitative analysis must base itself on comparative users. Reasonable estimates now show about 2:1 of Chinese internet user access over US users and anywhere from 5 to 20:1 over other Asian countries. Based on this on any Spam or malware distributor estimation this would place China about tenth on any list on countries, and well down the list in Asia.
(c) In China there are severe legal penalties for such acts, recently Yahoo could distribute malware to 15 million of its users and hardly gets a technical press mention, and no legal sanction.
(d) Why you may ask am I so concerned? On a recent exploit tracking exercise, despite apparent Chinese language sites being the cause. These sites were actually based and funded out of Toronto with bullet proof servers out of San Francisco!
Remember it is just as easy to get a free mail.cn / low cost Chinese based hosting, or mail.ru for that matter, being based in the US. As it is to get a Hotmail or Yahoo hosting account.