In this, its 11th edition of the report, Symantec has for the first time ranked countries as far as their Internet malfeasance is concerned. Tapping into its global intelligence network, Symantec found that the United States spawned 31 percent of the worldwide total for malicious activity. China came in second with 10 percent, and Germany came in third with 7 percent.
But bear in mind that not all of the bad U.S. apples necessarily originate within the United States, said Dave Cole, a director in Symantecs Security Response division. "Inside U.S. borders can be a playground for international hackers," he said in an interview with eWEEK. "How much is U.S.-based and how much is driven from outside is anyones guess."
Because Symantec was aware that industrialized countries higher rate of Internet users skews test results, the company also broke the numbers down according to the percentage of a countrys Internet users that are up to no good. "The more [Internet users] you have, the more likely more will be bad apples and that more people will be targeted," Cole said. "Though [owners of zombie PCs] are innocent except for maybe not cleaning their machines when theyre hacked."
Taking the amount of a countrys malicious activity and dividing by the number of that countrys Internet users, Symantec found that Israel has the most per capita malicious Internet users, at 9 percent. Taiwan came in second, with 8 percent, and the United States came in third, with 6 percent.
Between July 1 and Dec. 31, 2006, Symantec also found that 51 percent of all underground economy servers known to the company were located in the United States—the highest total of any country. In that underground economy, your credit card, with a card verification number, will fetch between $1 and $6. Your identity is more pricey, going for $14-$18 including your U.S. bank account, credit card, date of birth and government-issued identification number.
Symantec also notes that your credit card and identity is more attractive to e-thieves nowadays, as opposed to the allure of financial services in previous periods. "The attackers here are just playing the numbers," Cole said. "The biggest attack for many, many years has always been financial services. Theyd go where the moneys at, sneak in the back door, get in and steal the customer database and quickly get in and out before anybody notices."
Unfortunately for online thieves, banks got smart and beefed up their security. Security at banks being so much harder, hackers have decided to pick customers pockets instead of sticking up the bank itself, Cole said. "Why do Oceans Eleven [a film featuring painstakingly elaborate thievery] when you can just hold up 7-11?" Cole asked.
Cole emphasized that these observations pertain to loosely organized online criminals, not organized crime. Of non-organized criminals, 93 percent are targeting home users, Symantec estimates.
Preferred methods of online scams differ region to region. According to Symantecs research, banking Trojans are popular in South America. In China and Asia, where online gaming is popular and a market for virtual possessions is thriving, gaming Trojans are common, Cole said. "Were seeing threats getting more regionalized, and the threat depends on what region youre interested in," he said.