UK Home To More Botnet Command And Control Servers Than Any Other Country

The UK is home to more botnet Command and Control (C&C) servers than any other country in the world, suggests the latest quarterly report by Japanese security vendor Trend Micro.

The report, entitled “Turning the Tables on Cybercrime: Responding to Evolving Cybercrime Tactics”, also found that cyber attacks have intensified and increased in severity over the past three months, especially those aimed at financial institutions and the retail sector. This resulted in the exposure of more than 10 million personal records.

It’s chaos out there

Trend Micro found that 32 percent of known botnet C&C servers were hosted in Britain, followed by the US with 29 percent. By comparison, Germany hosts just three percent of known botnet infrastructure, and France just one percent. This doesn’t mean that the cyber criminals themselves are based in the UK – they are simply abusing the trust placed in local infrastructure providers.

As of July 15, 2014, more than 400 major data breach incidents have been reported since the beginning of the year. These include such high-profile victims as eBay, Evernote, Code Spaces and Feedly, to name a few. In the case of Code Spaces, the breach actually forced the software development start-up out of business.

“This quarter is showing that data breach events can affect anyone that stores data. There is no such thing as a ‘safe’ industry or website now,” wrote Christopher Budd, a spokesman for Trend Micro.

The report called Heartbleed the “most critical vulnerability uncovered to date”, even though there’s still no evidence it was known to cyber criminals and used in real-world attacks before being officially disclosed in April. The report notes that in the wake of the disclosure, several organisations were blinded by panic and actually upgraded from non-vulnerable to vulnerable versions of OpenSSL.

Trend Micro also reported that the obsolete Windows XP operating system, for which Microsoft no longer issues security updates, now features at least 16 unpatched vulnerabilities classified as ‘critical’.

Ongoing threats

During the past three months, Conficker remained the number one malware threat, five years after it arrived on the cyber crime scene. The report also highlighted the growing popularity of new types of threats like mobile ransomware – malicious applications like ‘ANDROIDOS_LOCKER.A’ which encrypt the internal storage of the device and demand around $30 in exchange for the encryption key.

Meanwhile, Operation Emmental is defeating two-factor authentication by intercepting ‘session tokens’ sent to online banking customers through SMS. This sophisticated campaign continues to employ a combination of spam, phishing websites and mobile malware to steal money from its victims.

“Organisations must treat information security as a primary component of a long-term business strategy rather than handling security issues as tertiary, minor setbacks,” said Raimund Genes, CTO, Trend Micro. “Similar to having a business strategy to improve efficiency, a well-thought-out security strategy should also improve current protection practices that achieve long-term benefits. The incidents observed during this quarter further establish the need for a more comprehensive approach to security.”

Max Smolaks

Max 'Beast from the East' Smolaks covers open source, public sector, startups and technology of the future at TechWeekEurope. If you find him looking lost on the streets of London, feed him coffee and sugar.
