China leads Asia in malicious online activity, racking up 42 percent of the action in the first half of 2007, up from 39 percent last year.
According to Symantec's biannual Internet security threat report released on Wednesday, China topped the Asia-Pacific region, including Japan, in malicious activity, producing the most malicious code, spam zombies, bots and attacks between January 1 and June 30.
China's bot-infected computers made up 78 percent of those in the region. Taiwan had the next highest number of bots, but only at 7 percent.
Noting that the majority of China's Windows users use counterfeit versions, Ooi Szu Khiam, a senior security consultant at Symantec Singapore, said during a press briefing: "If you don't have a genuine version, you can't register for patches, and those who don't patch their systems are open to a growing number of exploits."
Ooi added that users become "sitting ducks" as they leave themselves open to malicious attacks by not applying security patches.
Offering another reason for China's vulnerability, Ooi said: "Resources to build infrastructure is finite, so not enough spending may be directed to securing the networks."
Building a proper security system requires a "multiple and mutually supportive defensive system," Ooi said. A security system needs to be secured at all points, including the ISP, network and device.
The amount of spam originating from China, which makes up 25 percent of APJ-originating spam, puts China at the top of the list, Ooi said, noting that this volume is driven largely by the vast number of botnets and spam zombies.
"All you need to do is install a spam plug-in for your botnet, and the botnet is in action," he said. "Many bots are designed to be used mainly to send spam."
The problem is not China, it is the U.S. for having 20th Century email and web security technology.
The brain dead people at Yahoo still have not released a Yahoo Mail feature that allows customer blocking of email from country level domains. Why should I be forced to see spam email from China? Does Yahoo think I really want to see 20 emails a day hawking Rolex watches and "love pills"?
I really do find some of the current wave of rhetoric about the threat to the internet from China really worrying, if not downright dangerous for international relations. I suppose it a good topic for poor technical journalism, to gain publication in US & European journals / web. Old adage; "Why let the facts spoil a good story"?
Let me make my position clear, I am not Chinese and I do not live in China, however I do know a thing or two about internet security threats. Here are some facts for the readers who possibly might read the above article and take it as factual:
(a) As of Sept 20 07 the US is the clear leader in known Spam issues, by 5:1 over China (ref Spamhaus.org).
(b) The internet is global and any quantitative analysis must base itself on comparative users. Reasonable estimates now show about 2:1 of Chinese internet user access over US users and anywhere from 5 to 20:1 over other Asian countries. Based on this on any Spam or malware distributor estimation this would place China about tenth on any list on countries, and well down the list in Asia.
(c) In China there are severe legal penalties for such acts, recently Yahoo could distribute malware to 15 million of its users and hardly gets a technical press mention, and no legal sanction.
(d) Why you may ask am I so concerned? On a recent exploit tracking exercise, despite apparent Chinese language sites being the cause. These sites were actually based and funded out of Toronto with bullet proof servers out of San Francisco!
Remember it is just as easy to get a free mail.cn / low cost Chinese based hosting, or mail.ru for that matter, being based in the US. As it is to get a Hotmail or Yahoo hosting account.
Google's figured out a way to bring the power of graphics processor-powered hardware acceleration to some older computers, while Chrome 19 dev starts supporting the latest JavaScript code.
A new Apple lawsuit takes aim at Motorola Mobility in the U.S. for breaking a contract both companies have with Qualcomm for the license of one of its wireless patents.
A study by Harlequin--yes, the romantic-book people--says more women are sending naughty texts (shocking) and that 27 percent have sent a nude picture via e-mail or text.
Tor's "obfsproxy" technology would make encrypted data look innocuous and let it dodge government censors. That could help citizens in Iran reach blocked sites as antigovernment protests reportedly loom.
In spite of the boom in smartphone sales, there still seems to be a market for dedicated portable media players. Apple's iPod Touch is the leader, but what about some alternatives for the Android fans? CNET surveys the options.
The brain dead people at Yahoo still have not released a Yahoo Mail feature that allows customer blocking of email from country level domains. Why should I be forced to see spam email from China? Does Yahoo think I really want to see 20 emails a day hawking Rolex watches and "love pills"?
Let me make my position clear, I am not Chinese and I do not live in China, however I do know a thing or two about internet security threats. Here are some facts for the readers who possibly might read the above article and take it as factual:
(a) As of Sept 20 07 the US is the clear leader in known Spam issues, by 5:1 over China (ref Spamhaus.org).
(b) The internet is global and any quantitative analysis must base itself on comparative users. Reasonable estimates now show about 2:1 of Chinese internet user access over US users and anywhere from 5 to 20:1 over other Asian countries. Based on this on any Spam or malware distributor estimation this would place China about tenth on any list on countries, and well down the list in Asia.
(c) In China there are severe legal penalties for such acts, recently Yahoo could distribute malware to 15 million of its users and hardly gets a technical press mention, and no legal sanction.
(d) Why you may ask am I so concerned? On a recent exploit tracking exercise, despite apparent Chinese language sites being the cause. These sites were actually based and funded out of Toronto with bullet proof servers out of San Francisco!
Remember it is just as easy to get a free mail.cn / low cost Chinese based hosting, or mail.ru for that matter, being based in the US. As it is to get a Hotmail or Yahoo hosting account.