By shelling out just a few dollars, which is less than the price of buying a basic camera phone today, one can buy credit card information from the underground cyber market. The ‘business’ can get you confidential information like social security number, credit card number and bank accounts for a paltry sum. However, while such transactions were happening from countries outside India, the alarming growth in the number of command and control servers in India which controls the bot networks (Internet bots, also known as web robots, are software applications that run automated tasks over the Internet) has made it possible in India itself. According to the latest Internet Security Threat Report by Symantec, the number of command and control servers operating out of India has grown 170 per cent to reach 70 in 2008 when compared to a year earlier. This has also seen an alarming rise in the number of bot attacks in India last year.
The report says Mumbai, Delhi and Chennai together house around 68 per cent of the BOT-infected computers in India which have been compromised by hackers to steal confidential information from the systems. In calendar 2008, India accounted for 103,812 distinct bot-infected computers at an average of 836 bots a day, an increase of 31 per cent over previous year, according to the Symantec report. The report attributes the sharp increase in bot-infected computers in India to the low adoption of security measures that includes anti-malware, intrusion prevention and intrusion detection.
“Due to a rapidly-growing Internet infrastructure, a burgeoning broadband population and rampant software piracy, India is expected to witness increased malicious activities. Unless enterprises improve security protocols and measures to counter malicious activities, India will continue to be a soft target for Internet threats,” said Vishal Dhupar, managing director, Symantec India.
According to Symantec, once key information, like a social security number, credit card number or bank account has been stolen, the criminals sell the data in various forums like websites and Internet Relay Chat (IRC) channels, which allow criminals to buy, sell, and trade illicit goods and services.
The report said Web surfing remained the primary source of computer virus in 2008. India, which had the fifth highest number of broadband subscribers in the Asia-Pacific and Japan (APJ) region in 2008, witnessed the third highest number of malicious activities with 10 per cent of the regional total. US accounted for 84 per cent of web-based attacks targetted at India, followed by China at 5 per cent.
While the global averages for worms and virus attacks increased marginally, India continues to rank high on these vectors of attacks. In the APJ region, India ranked first on worms and virus attacks prevalence list. Other than worms and viruses, spams and phishing were some of the biggest concerns for enterprises across the world. The Symantec report said 12 per cent of spams detected in APJ region in 2008 originated in India, making it the third-ranked country in this category. In 2007, India ranked fifth in APJ region accounting for only 4 per cent of spam in the region.
“We have seen a two times increase in spams, which apart from slowing down the system also consume a lot of broadband. Both India and Thailand experienced significant increases in spam volume this year,” added Dhupar.
