Microsoft: Malware Up 38% in United States in 2008

Share

According to the latest Security Intelligence Report from Microsoft, malicious software installations on computers increased 38% in the U.S for 2008.[1] Also, the number of “High Severity” vulnerabilities detected increased by 13% in the second half of 2007, putting the total of “High Severity” vulnerabilities to 48%.

Downloaders and droppers, accounting for 30% of all malicious software, with around 7 millions computers infected in the United States alone.

And of course, no good Microsoft document would be complete by stating that Vista in more awesome than XP, and therefore the report states that if you own Windows XP SP3, you’re likely to be infected 9 times on 1000 infections, while this number drops to 4 times on 1000 infections for Vista.

“For browser-based attacks on Windows XP-based machines, Microsoft vulnerabilities accounted for 42 percent of the total. On Windows Vista-based machines, however, the proportion of vulnerabilities attacked in Microsoft software was much smaller, accounting for just 6 percent of the total[2].”

Taken from the report:

Country/Region

2007

2008

% Chg.

Afghanistan

58.8

76.4

29.9

Bahrain

28.2

29.2

3.4

Morocco

31.3

27.8

-11.4

Albania

30.7

25.4

-17.4

Mongolia

29.9

24.7

-17.6

Brazil

13.2

23.9

81.8

Iraq

23.8

23.6

-1.1

Dominican Republic

24.5

23.2

-5.2

Egypt

24.3

22.5

-7.5

Saudi Arabia

22.2

22.3

0.4

Tunisia

15.9

21.9

37.3

Turkey

25.9

21.9

-15.4

Jordan

20.4

21.6

5.5

Former Yugoslav Republic of Macedonia

16.3

21.1

29.8

Lebanon

20.6

20.2

-1.8

Yemen

17.7

20.1

13.7

Portugal

14.9

19.6

31.7

Algeria

22.2

19.5

-12.2

Libya

17.3

19.5

13.1

Mexico

14.8

17.3

17

United Arab Emirates

18.2

17.3

-4.8

Monaco

13.7

17.0

23.7

Serbia

11.8

16.6

41.4

Bosnia and Herzegovina

12.8

16.3

27.5

Jamaica

15.0

16.3

8.9

Table 1.0 – Countries with the Highest Infection Rates[3]

See also:

“Microsoft Security Intelligence Report”, Microsoft, January-June 2008, http://www.microsoft.com/downloads/details.aspx?FamilyId=B2984562-47A2-48FF-890C-EDBEB8A0764C&displaylang=en (accessed on November 4, 2008)

“Les menaces en augmentation de 43%, dit Microsoft”, Marie-Ève Morasse, Cyberpresse, November 3, 2008, http://technaute.cyberpresse.ca/nouvelles/internet/200811/03/01-35773-les-menaces-en-augmentation-de-43-dit-microsoft.php (in French) (accessed on November 4, 2008)


[1] “Microsoft Security Intelligence Report”, Microsoft, January-June 2008, p. 122

[2] Ibid. p. 5

[3] Ibid. p.49

Chinese Cyber Warfare to Gain Military Superiority

Share

Since the 70s, when Deng Xiaoping was the head of China, the People’s Liberation Army tried to modernize itself and cut its size in order to become more efficient. Still, China is still behind when it comes to military even if its defense budget is the second largest after the United States on the planet, with US$57 billion in 2008[1]. According to an article published in Culture Mandala, China could boost its cyber warfare capabilities in order to compensate for their technological backwardness.

It started as soon as in 2003, when it deployed its first cyber warfare units, the “zixunhua budui[2]“. Since, many attacks have been attributed to China, such as Operation Titan Rain in 2003[3]. China hopes that by using asymmetrical warfare, such as information warfare and cyber warfare, it might level other modern armies.

Michael Vickers, Senior Vice President for Strategic Studies at the Center for Strategic and Budgetary Assessments declared that “a Chinese attack on Taiwan could entail special operations and cyber attacks on U.S. regional bases in Japan and South Korea, and might even include cyber attacks on the U.S. homeland that target the U.S. financial, economic, energy, and communications infrastructure[4]“. In the same document, we can read:

“One way to assess this risk is to ask whether a cyber attack by China launched a few days in advance of a clash could prevent U.S. carrier battle groups from deploying to the Taiwan Straits. Launching the attacks too early would create the risk of discovery and countermeasures.[5]

China could boost its cyber warfare capabilities in order to compensate for their technological backwardness
China could boost its cyber warfare capabilities in order to compensate for their technological backwardness

It is clear to me that a nation with a technologically late compared to modern armies have all the advantage to develop asymmetrical warfare. We can assess its effectiveness in Afghanistan and Iraq. And cyber warfare is a perfect way to destabilize modern armies used to technology in their daily operations. But this is far from being easy for both sides, as talented individuals and highly skills hackers are needed to develop this kind of warfare. Terrorists and groups are unlikely to develop a high quality cyber warfare force, although they still can be efficient. China, on the other hand, can and is smart to do it. After all, if a force can disable communications the enemy’s communications networks, such as GPS, emails and phone networks, it can makes a strong army useless. Like a strong man or woman, if the brain can contact the muscle through the nervous system, the body is powerless…

See also:

“How China Will Use Cyber Warfare To Leapfrog in Military Competitiveness“, Jason Fritz, Culture Mandala, Vol. 8, No. 1, October 2008

China’s Military Modernization and Its Impact on the United States and the Asia- Pacific“, U.S.-China Economic and Security Review Commission, 110th Cong, 1st Sess., March 29-30, 2007


[1] “How China Will Use Cyber Warfare To Leapfrog in Military Competitiveness”, Jason Fritz, Culture Mandala, Vol. 8, No. 1, October 2008, pp.29

[2] “Trojan Dragon: China’s Cyber Threat”, John J. Tkacik, Jr., The Heritage Foundation, February 8, 2008, http://www.heritage.org/Research/asiaandthepacific/bg2106.cfm#_ftn6 (accessed November 3, 2008)

[3] “Titan Rain – how Chinese hackers targeted Whitehall”, Richard Norton-Taylor, The Guardian, September 5, 2007, http://www.guardian.co.uk/technology/2007/sep/04/news.internet (accessed November 3, 2008)

[4] China’s Military Modernization and Its Impact on the United States and the Asia- Pacific, U.S.-China Economic and Security Review Commission, 110th Cong, 1st Sess., March 29-30, 2007, p. 2

[5] Ibid. p.144

Bank Account Stealing Trojan Rampaging the Internet

Share

The details of about 500,000 online bank accounts and credit and debit cards have been stolen by a trojan
The details of about 500,000 online bank accounts and credit and debit cards have been stolen by a trojan

BBC News reports that a trojan, labeled Sinowal, has been crawling across the Internet. The Trojan is notorious for stealing bank account details. Sean Brady of RSA‘s security division reports that “more than 270,000 banking accounts and 240,000 credit and debit cards have been compromised from financial institutions in countries including the US, UK, Australia and Poland.[1]” According to Sophos researchers, 14 computers per seconds were infected by Sinowal in 2008[2].

The Trojan is also known as Torpig and Mebroot and has now been discovered 2 years ago, in 2006, which means it has been collecting information for now 2 years. It uses the drive-by download method to download itself, which means it download and install itself without the user’s knowledge. In the case of this particular Trojan, this is done mainly thought malicious links and HTML injection attacks.

The Trojan installs itself on the master boot record and his polymorphic, making it hard to detect and to remove[3]. RSA suspects that the Sinowal had strong ties to a cybercriminal gang known as the Russian Business Network.


[1] “Trojan virus steals banking info”, Maggie Shiels, BBC News, October 31, 2008, http://news.bbc.co.uk/2/hi/technology/7701227.stm (accessed on November 2, 2008)

[2] Idem

[3] “RSA Cracks Down on Legendary Sinowal Trojan“, Richard Adhikari, Internet News, October 31, 2008, http://www.internetnews.com/security/article.php/3782221/RSA+Cracks+Down+on+Legendary+Sinowal+Trojan.htm (accessed on November 2, 2008)

Quebec Launches Campaign Against Identity Theft

Share

Yesterday the ISIQ (Institut de la Sécurité de l’Information du Québec) launched its new campaign to educate citizens computer security and protection of personal information over the Internet. The ISIQ launched a new portal, MonIdentité (in French) containing lots of information for users on how to protect their identity and to identify risks such as phishing, spyware, Trojans and weak passwords. The campaign has been launch by Pierre Arcand, deputy of the Mont-Royal district in Montreal.

“We want the citizens to become their own artisans of their security on the Internet, by adopting a secure behavior.” said M. Pierre Arcand.

The campaign comes amid a declaration from the Chaire de recherche du Canada sur la sécurité, identité et technologie (in French) who reports that in the last 3 years, 314 millions personal files where lost in 976 incidents in Canada and in the United States. Half of them were due to the incompetence of the owning corporation or organization.[1]

This is exactly the kind of initiative we need. Humans are always the weakest link in any security network, therefore educating the population about security is essential. My only fear is that this campaign will largely be ignored by the media and the population, since elections are looming in the province and economic news are still the main topic.

Je Protège Mon Identité - ISIQ Portal
Je Protège Mon Identité - ISIQ Portal

[1] “Pour naviguer sans tracas”, Radio-Canada, October 27, 2008, http://www.radio-canada.ca/nouvelles/societe/2008/10/27/003-securite-informatique.shtml (accessed on October 28, 2008)