Malicious Internet/Cyberspace Activity by Source - Country Rankings

Malicious Internet/Cyberspace Activity by Source - Country Rankings 2013
SOURCE: Symantec
E-mail this page Print this page
                                                                                                                                Spanish Simplified Chinese French German Russian Hindi Arabic Portuguese
Custom Search

The Malicious Internet/Cyberspace Activity by Source Index ranks the top 10 countries from which the largest amount of malicious activity originated. Scores are based on geographical data on numerous malicious activities, such as malicious code reports, spam zombies, phishing hosts, bot-infected computers, network attack origins, and web-based attack origins. From the proportion of each activity originating in each source and the mean of the percentages of each malicious activity from each source, the average for each country determines the proportion of overall malicious activity that originates from it. The rankings are determined by calculating the mean average of the proportion of these malicious activities that originated in each source. See the notes below the table for further explanation.
Country of Origin
Malicious Activity Score
1 United States 20.30%
2 China 9.40%
3 India 5.10%
4 Netherlands 3.50%
5 Germany 3.30%
6 Russia 2.60%
7 United Kingdom 2.60%
8 Brazil 2.50%
9 Taiwan 2.50%
10 Italy 2.30%

Malicious activity usually affects computers that are connected to high-speed broadband Internet because these connections are attractive targets for attackers. Broadband connections provide larger bandwidth capacities than other connection types, including faster speeds, the potential of constantly connected systems, and a typically more stable connection. Symantec categorizes malicious activities as follows:

  • Malicious code: This includes programs such as viruses, worms, and Trojans that are covertly inserted into programs. The purpose of malicious code includes destroying data, running destructive or intrusive programs, stealing sensitive information, and compromising the security or integrity of a victim�s computer data.

  • Spam zombies: These are remotely controlled, compromised systems specifically designed to send out large volumes of junk or unsolicited email messages. These email messages can be used to deliver malicious code and phishing attempts.

  • Phishing hosts: A phishing host is a computer that provides website services in order to illegally gather sensitive user information while pretending that the attempt is from a trusted, well-known organization by presenting a website designed to mimic the site of a legitimate business.

  • Bot-infected computers: Malicious programs have been used to compromise computers to allow an attacker to control the targeted system remotely. Typically, a remote attacker controls a large number of compromised computers over a single reliable channel in a botnet, which can then be used to launch coordinated attacks.

  • Network attack origins: This measures the originating sources of attacks from the Internet. For example, attacks can target SQL protocols or buffer overflow vulnerabilities.

  • Web-based attack origins: This measures attack sources that are delivered via the web or through HTTP. Typically, legitimate websites are compromised and used to attack unsuspecting visitors.

    - Please bookmark this page (add it to your favorites).
    - If you wish to link to this page, you can do so by referring to the URL address below this line.

    This page was last modified 3-JUL-14
    Copyright © 2014 ITA all rights reserved.