Slashdot Mirror
UK Officially The Most Hacked Country
_Hellfire_ writes "Symantec's Internet Security Threat Report for the second half of 2004 says that the UK is leading the rest of the world with bot networks. The report states that "...25.2% [of bots] are located in the UK. That now puts the country ahead of the US (24.6%), China (7.8%), Canada (4.9%) and Spain (3.8%)". Symantec blames a sudden uptake of residential broadband connections without the awareness of the required security measures."
I wonder how accurate these statistics are.
Number one, Number one, Number one, Number one, Number one, Number one, Number one, !! we had to win at something sooner or later
Will wash cars for karma
You have to wonder about this. They show the US at 24.6% of PCs compromise- and the UK at 25.2%. This is well within the margin of error for even the most rigorous of surverying.
w00t! Finally we lead the world at something!
Invoicing, Time Tracking, Reporting
Basically they should be made compulsary for all broadband connections. It is the plethora of cheap USB ADSL modems that are being offered free with connections that it causing the problem.
Yet another example of the rest of the world overthrowing american hegemony. We all need to do our part to get USA back on top. Install worms and Trojans.
Or it is because most hackers or script kiddies are located in the US and elsewhere outside the UK and they prefer hacking abroad, because that might limit the possibility of legal troubles.
www.weberseite.at
We're #2! We're #2! We're #2! :D
I can definitely vouch for this, I personally witnessed some 20 odd pieces of malware duking it out on my brothers 2Mbit broadband to see who could relay the most spam.
Since then, I've converted the majority of my friends and family to Debian and they haven't looked back.
that is a HUGE number of bots. I wonder if there is a greater penetration of computers in the UK into homes, which might explain this.
Get a free iPod Nano 4GB!
I personally think that the approach towards broadband was mostly done wrong. The large majority of users should never be fully visible online - those broadband routers should be doing NAT for all but a small minority of users.
While we cant code or design around user stupidity (in the sense that if you give a user a button that says "DONT CLICK HERE, IT WILL INSTALL A SPYBOT" and they'll still click it), we certainly can design around stupid operating systems that have holes you could drive a transport truck through. NAT does this quite well - I reccomend a NAT router (WRT54G, specifically) for everyone I know - including myself. It saves massive amounts of problems.
Part of the issue also lies with the fact that most "concious" users load up their PC with firewalls and zonealarm and so forth to the point where its slow because of all the crap on the system.
.
The UK the most hacked country in the world? I myself am a UK citizen, and can personally vouch for the fact that this is not true. I, for example, have never been hack-
>>> ENLARGE YOUR PENIS 150%!!!!
-ed. WTF?!? Wha-
>>> Come see my hot pics! here
-t's happening to me?!? Oh God, noooooooo-
>>> Buy VIAGRA ONLINE! SAve $$$$!!!!1
...say that you should buy more security products! Wow, it's almost like the MS studies that say linux is more expensive and the environmental studies by the meat industry that say millions of gallons of pig shit isn't harmful to the environment so you might as well just spray it into the air.
This is the second one in as many days, too. Come on, could we get a real story, not one spun from the gossamer threads of greed and conflict of interest?
adam b.
US (24.6%) ... Canada (4.9%)
This is really problematic, given that Canada only has about one tenth of the US population. Does this mean that if we had as many people as the USA, 49% would be hacked?
Or is it just because we have more broadband per capita than in the US?
2bits.com, Inc: Drupal, WordPress, and LAMP performance tuning.
Having a licence required would cause the PC/Internet access industry to plummet. And because of lack of consumer investment, progress in newer technologies would slow down.
Ya, spyware sucks ass. But I'll just let the free market take care of this. Until then, I'm willing to take the good with the bad.
Life is not for the lazy.
The situation really is bad..
In the last year 512Kbs ADSL Broadband has tumbled in price to little more expensive than unmetered dial-up, and a lot of clueless types bought in
Typical British ISPs provide a USB modem for ADSL or an Ethernet/USB Cable modem, and a driver/configurator disk. No consumer ISP provides a NAT router by default (its a costly option, and usually a crappy rebranded far-eastern product that crashes all the time).
Very few of them even provide a software firewall. AOL is a notable exception (about time they did something right) providing a firewall in their standard AOL Broadband software.
I spend a lot of my free time installing Zonealarm/Sygate Personal for clueless people wondering why their brand new XP box and brand new ADSL connection keep crashing....
I have been a user for about 10 years. This ends Feb 2014. The site's been ruined. I'm off. Dice, FU
"Most hacked" is not the English translation of "largest percentage hacked". "Most hacked" would refer to the largest quantity hacked. The proper English translation of that statistic is "most hacky" - even if I did just make up "hacky".
--
make install -not war
41% of British Internet connections are broadband or other always-on connections, and 4% use a mixture of access methods. Leaves 55% who are exclusively modem users.
I appear to have a blog. Odd.
I blame the abundance of Spam from the UK squarely on Monty Python.
Now they want to bring "Spam A Lot" to the US? I don't think so, Nigel.
Time to dump some tea into the harbour.
I don't need no instructions to know how to rock!!!!
A lot of ADSL connections in the UK now come with bandwidth limits, and charges per GB over the standard monthly utilisation. This is a relatively new concept in retail broadband in the UK (In Oz it is almost the standard).
Anyway, it's sort of weird that the ISPs now actually have a vested interest in their users contracting malware; they make more money out of it in over-charges...
Invoicing, Time Tracking, Reporting
Speaking as a UK consumer, it doesnt surprise me. Most of the people i deal with dont bother with a virus checker until they start having problems, and most viruses these days seem to be designed for creating botnets so try to not to hog resources, crash the computer or use too much bandwidth. If only other windows programs were so well designed :-)
When I first got broadband (About 2 years ago?) , the ISP i use, (Pipex) offered a free virus checker and gave instructions on how to run it. They dont any more. Nor do anyone else.
I personally think that no-one who manages their own computer and *doesnt* know when their virus checker was last updated shouldnt be allowed near the internet.
Someone at Symantic retiring and they are trying to pump up the stock?
Recent Symantic news:
OSX Doom and gloom, Symantic will save you.
Fire Fox doom and gloom Symantic will save you.
Now this
Paying taxes to buy civilization is like paying a hooker to buy love.
How about Tommy Two-Pint?
Most of the big ISPs in the UK supply these horrible usb modems for their ADSL service, leaving the only protection being the Windows firewall. I've had to sort out several PCs from friends and family that were brand new, but shipped with XP SP1 and pwned within minutes of plugging these modems in. Contrast this to when I lived in Holland - adsl routers with NAT always supplied or recommended.
If a man empties his purse into his head no man can take it from him. An investment in knowledge pays the best interest.
Ah, at least 4% have one of those nasty "connect to the internet via a premium rate number" viruses.
Watch this Heartland Institute video
I recently read that over 40% of UK Internet connections were now broadband, and most of these became active within the last year.
I think the broadband providers should offer a router with a suitable built-in hardware firewall as a standard part of the package (or failing that insist on you having an 'approved' router/modem with then necessary smarts, in the service contract).
Unfortunately most of the domestic packages are still 'wires only'.
And thankfully more people are going to wireless
Yes, thankfully they are going to wireless. Thank the lords of Kobol, they will doubtless put great effort into security even though they never paid more than lip service while wired. For example, ask your neighbor how many minutes he had a wireless connection before he changed the default ssid and admin password. Probably less than 2. Probably also set it up to use MAC address lists...These things are as hardened as you can make the "average" access-point" and I doubt that 5% of the access points have had this done. (I know that the above does not make it secure, but it would keep out a good chunk of trouble)
Well, NAT might be a good thing in that it's a simple "security" step that _currently_ helps protect users against _some_ threats.
Alas, it does really break the way the 'net works - hosting your own services can be a screaming nightmare over NAT. With static IP addresses, always-on 'net connections, and things like MacOS/X's Apache-based "personal web sharing", that's no longer just the preserve of the hard-core geek.
I'm with the parent poster to your post in most regards. I'm also still hopeful that we'll see IPv6 start to take the worst of the weight off soon (now that 6to4 permits it to be adopted in cells anywhere on the 'net).
The uptake of broadband and WiFi has been immense over the past 6 or so months. Where before I had no problems with WLAN coverage as mine was the only one on the street, now there's one eminating from every home. Just in the few surrounding roads there are dozens of wireless networks in place, and hardly any have even changed the SSID, let alone disabled broadcasting of it. Only a handful use any form of actual security, such as WEP.
Even the people that should know better, such as my neighbour that claims to be an IT professional (if you're reading this, no. 14, TURN ON WEP AND CHANGE THE DAMN SSID!) have left their connections wide open.
This isn't just a security issue though. It becomes a real annoyance when my PDA wants to connect to any of the unsecure networks within range, and won't even detect my own. Consumer WAPs should have SSID broadcasting off by default - it's only necessary for public access points - and consumers need to be made aware that these devices should not just be plugged in and used without putting in place decent security measures. The initial setup wizards should leave them with a far more secure network, because the reduction in performance from using WEP is nothing compared to having me use your ADSL for bittorrent downloads.
This comment was formatted for readability, but I forgot the line break tags
I don't really agree re weak typing, though. It's not really weak typing that's at issue, it's that memory management is still done "by hand". Most of the nasty overflows stem from the fact that C lets you copy a 200 char long buffer into (and over the end of) a char[20]. There are other related issues, but I don't think weak typing is one of them. Weak typing is dumb, yes, but I think manual memory management is the real culprit.
Also, while ISPs can't track down all the compromised machines, some simple steps can massively reduce the damage:
My ISP does all of this, and more. It's really only the responsible thing to do, and I don't expect it costs them a large amount of time. The biggest cost is probably slightly smarter and more powerful routers.
Yeah, it's all McDonalds, Burger King and Dominoes these days..
After moving from the UK to the USA I am not supprised about this statistic. The simple reason I can see is the cost of (antivirus) software and (router) hardware in the UK is probably the most expensive in the world - a detereant to end users actually buying and using them.
We need a site called geek-exchange so people like us can swap inconveniently-situated tech problems (ie, I fix your mum's PC if you do my cousin's....)
It'd save us all an awful lot of driving.
I have been a user for about 10 years. This ends Feb 2014. The site's been ruined. I'm off. Dice, FU
What else can you do?
1) Use Firefox as your web browser rather than IE. Firefox has some security issues too, but many fewer than IE. Keep your browser software up-to-date.
2) Disable Java Applets in your web browser unless you reall need them (I don't mean JavaScript).
3) If you can do without the advanced features of MS Outlook, use an alternative email program like Thunderbird.
4) Download and install AdAware and/or Spybot SD and run them regularly, and update them often.
5) Turn-on Windows update and make sure you keep your systems patched.
6) Keep your AV software of choice up-to-date (I don't know 'Avast' but I'm sure it should be able to auto-update).
7) Most importantly, use some kind of firewall. Ideally a hardware one built into your ADSL modem or router. Failing that, a software one, like the one built into Win/XP, or one of the may commerical, or free ones).
Sorry, don't have time to post the links for any of this stuff, just Google for them.
I read here that bots in the UK nearly led to nearly half a billion dollars being siphoned off a Japanese bank.
The latest gadget news and reviews. www.absolutegadget.com
I'm an American student studying abroad here in London, and one thing I have noticed is that port 25 isn't blocked outgoing at any of the places I've been online. While as a Linux user this is convenient because I can use my laptop's own smtp server to send mail without hassle, I'd rather they be blocking port 25 outgoing to prevent spam.
If you don't have port 25 blocked, you can expect to see a hell of a lot of spam bots on your networks, because they'll be effective.
-Jay
What is it with news reporting that they never attach a data appendix? C'mon guys. We wanna know:
# bots worldwide
# broadband computers worldwide
# bots in UK
# broadbanded computers in UK
[repeat for US, China, Canada, Spain, etc.]
[then, for kicks, break them down by OS]
"We reject as false the choice between our safety and our ideals." --The American President (20.1.2009)
However, children will be more likely to open up attachments, surf around the online gaming sites which come with spyware toolbars and so on. This will make the problem of not having a firewall/antivirus/anti spyware much worse.
I don't know about the situation in the US, but it's certainly about time ISPs started handing out information with their broadband packages, to prevent this kind of 0wn4ge. Alternatively, after installing the cable modem, they can install anti-virus software and a decent firewall, as part of the package. I'm sure this would significantly reduce these occurrences.
The problem in the first is getting people to read the material, and in the second if people then upgrade/reinstall, ensuring that they also install the security applications.
im in ur