- Category: November - December 2009
We all know that emails are one way of carrying threats into the hearts of businesses and individuals. But cyber-criminals are now increasingly exploiting the web as a malware delivery mechanism.
Cyber-criminals are setting up websites specifically to download data-stealing, behaviour-tracking and other damaging malware onto visitors’ computers. But an even more scary fact is that many legitimate websites are also deliberately infected by cyber-criminals without their owners’ knowledge or complicity. Just as worryingly, malware often downloads itself from infected websites without the visitor taking any action whatsoever.
The malicious domains inadvertently requested by Singapore’s web users are, on average, slightly younger than those requested by users across the world as a whole. Generally, younger domains of this type will be new ones set up by cyber-criminals specifically to serve malware to unwary visitors, rather than compromised legitimate domains.
Singapore – a popular target for cyber-criminals
Singapore’s global profile and overall affluence inevitably attracts a lot of attention – and not all of this attention is good. Cyber-criminals see this vibrant nation as a lucrative target for their ever-evolving, increasingly noxious array of scams, tricks and deceptions.
The destructive potential of the threats developed and unleashed by today’s expertly organized cyber-crime ‘industry’ should never be underestimated. Any organization – big or small – can become a victim. And any victim can pay an enormous price as a result.
Loss of funds, leakage of sensitive data, compromised intellectual property, erosion of competitive edge, damaged reputation – these are some of the business-busting traumas that Singapore-based firms, like their counterparts worldwide, may suffer if just one virus, spyware or phishing attack, for instance, hits its target.
Web threats can lead to irreparable damage for businesses
MessageLabs blocks tens of thousands of web requests for each of its clients every week. 99.9% of these blocks are policy-based; just 0.1% are blocks on requests to visit websites containing malware. The relative smallness of this second figure, though, shouldn’t obscure the fact that this malware – mostly viruses (99%) with the rest spyware (1%) – has the potential to unleash huge disruption and destruction. Web threats can erode a business’s efficiency and profitability – and perhaps even expose it to legal action.
Globally, the level of web threats experienced by all the world’s major regions is broadly the same. But the precise picture differs dramatically from one country to another. In Singapore’s case, the country faces a fast-developing threat in the shape of web-borne malware. On average, MessageLabs blocked visits to 15 malicious domains for every one of its Singapore clients from April to August 2009 – three times the APAC average and four times the global average. This appears to show that businesses based in Singapore face an unusually wide variety of web threats.
The level of web security threats now facing Singapore has reached an unprecedented level, by historical, regional and global standards.
Singapore faces a double danger: firstly, the rising tide of threats common to every part of the world; secondly, specific threats aimed at Singapore by cyber-criminals attracted by the country’s success, its high profile and the large number of major multinational corporations with a presence there.
To meet Singapore’s needs, any security solution must be cost-effective and comprehensive, capable of dealing with dangers that range from cutting-edge spamming techniques and targeted trojans to websites concealing malware unprecedented in its guile and virulence.
But it must also take full account of the particular character of Singapore and of local factors that make the messaging and web threats there subtly but significantly different from those experienced elsewhere. Unfortunately, traditional software and appliance-based security solutions – and many managed services too – have a track record of proving unequal to the task.
By contrast, from its regional office in Singapore – supported by global infrastructure spanning four continents, including data centres in Hong Kong, Japan and Australia – MessageLabs offers state-of-the-art global-level expertise backed by a hands-on local presence and in-depth understanding of the Singapore market.
By Dan Bleaken, MessageLabs Intelligence Data Analyst, Symantec Hosted Services