UK Officially The Most Hacked Country

← Back to Stories (view on slashdot.org)

UK Officially The Most Hacked Country

Posted by CmdrTaco on Tuesday March 22, 2005 @03:41AM from the take-pride-in-your-position dept.

_Hellfire_ writes "Symantec's Internet Security Threat Report for the second half of 2004 says that the UK is leading the rest of the world with bot networks. The report states that "...25.2% [of bots] are located in the UK. That now puts the country ahead of the US (24.6%), China (7.8%), Canada (4.9%) and Spain (3.8%)". Symantec blames a sudden uptake of residential broadband connections without the awareness of the required security measures."

37 of 417 comments (clear)

Wow, a .6% lead by Anonymous Coward · 2005-03-22 03:44 · Score: 5, Insightful

I wonder how accurate these statistics are.
1. Re:Wow, a .6% lead by dominator · 2005-03-22 04:54 · Score: 5, Insightful
  
  What I find it interesting is that a country with 1/4 the US's population and with a roughly equivalent standard of living represents a roughly equivalent percentage of the world's hacked PCs, even if the difference between the UK and US is within this poll's margin of error.
  
  Is the US public that far behind in broadband connections? Is the UK public engaging in more risky computing practices? Are US ISPs blocking more 0wn3d boxes? Are the UK ISPs incompetent, overwhelmed, or more laisse-faire?
UK rules OK by dances+with+elks · 2005-03-22 03:44 · Score: 5, Funny

Number one, Number one, Number one, Number one, Number one, Number one, Number one, !! we had to win at something sooner or later

--
Will wash cars for karma
1. Re:UK rules OK by Deusy · 2005-03-22 04:06 · Score: 5, Funny
  
  We're pretty awesome at binge drinking too, y'know!
  
  --
  Free Gamer - Free games list and commentary
2. Re:UK rules OK by Hogwash+McFly · 2005-03-22 04:19 · Score: 4, Funny
  
  The trouble with the UK is that you can't do the 'Yoo Ess Ay!'-while-clutching-a-miniature-flag chant because there aren't enough syllables. You could add in a cha-cha-cha to make it 'Yoo Kay, cha-cha-cha', although that's perhaps a little too flamboyant.
  
  --
  Mother, do you think they'll like this sig?
Statistics..... by wpiman · 2005-03-22 03:44 · Score: 5, Insightful

You have to wonder about this. They show the US at 24.6% of PCs compromise- and the UK at 25.2%. This is well within the margin of error for even the most rigorous of surverying.
1. Re:Statistics..... by kevin_conaway · 2005-03-22 03:48 · Score: 5, Funny
  
  Ah come on, you can make up statistics to prove anything. 14% of people know that.
2. Re:Statistics..... by tabkey12 · 2005-03-22 03:50 · Score: 4, Insightful
  
  But considering US has 4.5 times as many people - the fact that the UK is that high at all is very worrying.
  
  --
  Get a free iPod Nano 4GB!
3. Re:Statistics..... by Monkelectric · 2005-03-22 03:51 · Score: 5, Insightful
  
  Well, if you think about per capita, the UK has a much worse problem. However, I think what theyre really saying is, "sales of symantec products poor in the UK."
  Maybe the brits just know that symantec has been a joke for years.
  
  --
  Religion is a gateway psychosis. -- Dave Foley
4. Re:Statistics..... by quigonn · 2005-03-22 03:55 · Score: 3, Funny
  
  When was the last time you won a football tournament?
  
  England always wins in the Premier League...
  
  --
  A monkey is doing the real work for me.
5. Re:Statistics..... by Monkelectric · 2005-03-22 05:39 · Score: 4, Informative
  
  The corporate product is very stable and signature updates are de facto free
  Except that the signatures are lightyears behind ... Panda: Updates once a day, Trend: updates every 3 hours. Symantec: Every TWO WEEKS.
  Two weeks is simply unacceptable. Contrary to their literature, Symantec does *NOT* take security seriously.
  
  --
  Religion is a gateway psychosis. -- Dave Foley
6. Re:Statistics..... by Monkelectric · 2005-03-22 06:06 · Score: 3, Informative
  
  The symantec client updates every 1-2 weeks by default. However, you can change this setting to daily. I know this is true in the corporate version
  Ok, but is symantec updating their defs every 1-2 days? Trend updates 2 or 3 times a day on slow days. I was under the impression that symantec updates their defs like once a week.
  
  --
  Religion is a gateway psychosis. -- Dave Foley
w00t by cca93014 · 2005-03-22 03:45 · Score: 3, Funny

w00t! Finally we lead the world at something!

--
Invoicing, Time Tracking, Reporting
It's called a hardware NAT router by jabuzz · 2005-03-22 03:45 · Score: 5, Interesting

Basically they should be made compulsary for all broadband connections. It is the plethora of cheap USB ADSL modems that are being offered free with connections that it causing the problem.
1. Re:It's called a hardware NAT router by B2382F29 · 2005-03-22 03:49 · Score: 3, Insightful
  
  You don't need NAT, a simple firewall which blocks connections not initiated from the internal computer is enough. NAT is fine if you have > 1 computers but NAT itself isn't the magic silver bullet.
  
  --
  Move Sig. For great justice.
2. Re:It's called a hardware NAT router by caluml · 2005-03-22 03:58 · Score: 3, Insightful
  
  It's called a hardware NAT router
  Cmon, a NAT router won't stop someone getting infected via some malware run by their browser, and then connecting out to an IRC channel awaiting commands. It won't stop someone sending spam either. NAT isn't the answer.
  
  --
  Get your own free personal location tracker
3. Re:It's called a hardware NAT router by ka9dgx · 2005-03-22 04:02 · Score: 4, Insightful
  NAT doesn't solve the problem, it merely hides the symptoms of the bigger picture:
  
  The users expect an appliance, and don't want to be sysadmins
  
  The company that likely created the OS is driven by marketing, and the need for features over stability
  
  The programmers that wrote the code were under pressure to meet deadlines, and just get it shipped.
  
  The language chosen to write the OS and applications in is weakly typed, and prone to holes.
  
  The security model of the OS based on access control lists, which are insufficient to meet the challenges of mobile code
  
  The internet service providers are under economic pressure, and have insufficient resources to track down and take offline all of the compromised machines
  
  Hardware has gotten so fast that sometimes its just not perceptable that a machine is a zombie, until it gets quite overt
  
  The globally distributed nature of the treat makes it almost impossible to isolate and address with the court system
  
  The economic incentives to take over your machine increase daily, as more creative (profitable) uses are found for it.
  
  The barriers to entry that do exist are constantly being lowered as new tools become available to script kiddies, etc.
  
  When you go with NAT, you fundamentally break the end to end nature of the InterNet, and you don't solve any of the above problems.
  NAT is a band aid at best, and the end of the InterNet at worst.
  --Mike--
4. Re:It's called a hardware NAT router by CdBee · 2005-03-22 04:10 · Score: 3, Informative
  
  When you go out and buy a new XP PC, or have to reinstall it using the restore CD.. and if you;re a clueless noob like most surfers, that's when you find that NAT is the answer.
  
  A lot of zombifying malwares DO spread by direct infection of unpatched machines. Those 30 mins it takes to download patches are the time in which NAT is a lifesaver. Of course it should always be accompanied by software firewalling to control outgoing connections.
  
  --
  I have been a user for about 10 years. This ends Feb 2014. The site's been ruined. I'm off. Dice, FU
USA is not #1 by spicydragonz · 2005-03-22 03:45 · Score: 5, Funny

Yet another example of the rest of the world overthrowing american hegemony. We all need to do our part to get USA back on top. Install worms and Trojans.
hacking abroad by cwebb1977 · 2005-03-22 03:46 · Score: 5, Insightful

Or it is because most hackers or script kiddies are located in the US and elsewhere outside the UK and they prefer hacking abroad, because that might limit the possibility of legal troubles.

--
www.weberseite.at
As a Brit... by bobintetley · 2005-03-22 03:47 · Score: 5, Interesting

I can definitely vouch for this, I personally witnessed some 20 odd pieces of malware duking it out on my brothers 2Mbit broadband to see who could relay the most spam.

Since then, I've converted the majority of my friends and family to Debian and they haven't looked back.
Bad Broadband by epiphani · 2005-03-22 03:49 · Score: 4, Insightful

I personally think that the approach towards broadband was mostly done wrong. The large majority of users should never be fully visible online - those broadband routers should be doing NAT for all but a small minority of users.

While we cant code or design around user stupidity (in the sense that if you give a user a button that says "DONT CLICK HERE, IT WILL INSTALL A SPYBOT" and they'll still click it), we certainly can design around stupid operating systems that have holes you could drive a transport truck through. NAT does this quite well - I reccomend a NAT router (WRT54G, specifically) for everyone I know - including myself. It saves massive amounts of problems.

Part of the issue also lies with the fact that most "concious" users load up their PC with firewalls and zonealarm and so forth to the point where its slow because of all the crap on the system.

--
.
Symantec Security Studies... by Onimaru · 2005-03-22 03:51 · Score: 4, Insightful

...say that you should buy more security products! Wow, it's almost like the MS studies that say linux is more expensive and the environmental studies by the meat industry that say millions of gallons of pig shit isn't harmful to the environment so you might as well just spray it into the air.

This is the second one in as many days, too. Come on, could we get a real story, not one spun from the gossamer threads of greed and conflict of interest?

--
adam b.
Re:required skills by DigiShaman · 2005-03-22 03:55 · Score: 4, Insightful

Having a licence required would cause the PC/Internet access industry to plummet. And because of lack of consumer investment, progress in newer technologies would slow down.

Ya, spyware sucks ass. But I'll just let the free market take care of this. Until then, I'm willing to take the good with the bad.

--
Life is not for the lazy.
Speaking as a non-hacked Brit by CdBee · 2005-03-22 03:56 · Score: 5, Interesting

The situation really is bad..
In the last year 512Kbs ADSL Broadband has tumbled in price to little more expensive than unmetered dial-up, and a lot of clueless types bought in

Typical British ISPs provide a USB modem for ADSL or an Ethernet/USB Cable modem, and a driver/configurator disk. No consumer ISP provides a NAT router by default (its a costly option, and usually a crappy rebranded far-eastern product that crashes all the time).

Very few of them even provide a software firewall. AOL is a notable exception (about time they did something right) providing a firewall in their standard AOL Broadband software.

I spend a lot of my free time installing Zonealarm/Sygate Personal for clueless people wondering why their brand new XP box and brand new ADSL connection keep crashing....

--
I have been a user for about 10 years. This ends Feb 2014. The site's been ruined. I'm off. Dice, FU
1. Re:Speaking as a non-hacked Brit by Ford+Prefect · 2005-03-22 04:26 · Score: 4, Interesting
  
  Typical British ISPs provide a USB modem for ADSL or an Ethernet/USB Cable modem, and a driver/configurator disk. No consumer ISP provides a NAT router by default (its a costly option, and usually a crappy rebranded far-eastern product that crashes all the time).
  
  I got a fairly decent NAT router with my ADSL account with a small UK ISP. They also block a variety of Windows-worm-attracting ports by default - you have to ask to get them unblocked, and then they'll run a quick port-scan on your system to make sure you're not a sitting duck.
  
  I've not actually needed any ports unblocking, and I'd class myself as a fairly advanced user. So why can't the big-name ISPs do this as well? Okay, it's not going to stop browser malware, email trojans and the like, but it'll definitely help against the nastier, faster-spreading worms...
  
  --
  Tedious Bloggy Stuff - hooray?
Hacky by Doc+Ruby · 2005-03-22 03:57 · Score: 4, Informative

"Most hacked" is not the English translation of "largest percentage hacked". "Most hacked" would refer to the largest quantity hacked. The proper English translation of that statistic is "most hacky" - even if I did just make up "hacky".

--
--
make install -not war
Blimey by stratjakt · 2005-03-22 03:59 · Score: 5, Funny

I blame the abundance of Spam from the UK squarely on Monty Python.

Now they want to bring "Spam A Lot" to the US? I don't think so, Nigel.

Time to dump some tea into the harbour.

--
I don't need no instructions to know how to rock!!!!
Just thought by cca93014 · 2005-03-22 04:00 · Score: 4, Insightful

A lot of ADSL connections in the UK now come with bandwidth limits, and charges per GB over the standard monthly utilisation. This is a relatively new concept in retail broadband in the UK (In Oz it is almost the standard).

Anyway, it's sort of weird that the ISPs now actually have a vested interest in their users contracting malware; they make more money out of it in over-charges...

--
Invoicing, Time Tracking, Reporting
UK consumers by ScouseMouse · 2005-03-22 04:02 · Score: 3, Interesting

Speaking as a UK consumer, it doesnt surprise me. Most of the people i deal with dont bother with a virus checker until they start having problems, and most viruses these days seem to be designed for creating botnets so try to not to hog resources, crash the computer or use too much bandwidth. If only other windows programs were so well designed :-) When I first got broadband (About 2 years ago?) , the ISP i use, (Pipex) offered a free virus checker and gave instructions on how to run it. They dont any more. Nor do anyone else. I personally think that no-one who manages their own computer and *doesnt* know when their virus checker was last updated shouldnt be allowed near the internet.
1. Re:UK consumers by prandal · 2005-03-22 04:35 · Score: 3, Insightful
  
  Most of the virus infections I've dealt with on friends' and acquaintances' Windows PCs have occured on boxes running (yes, you've guessed it) Norton Antivirus. I routinely uninstall Norton and replace it with Avast! Personal Edition.
  
  Some antivirus vendors have yet to catch on to the idea that virus patterns need updating on a daily or more frequent basis. So along comes a new Bagle variant, which is yet to be detected by Norton, and the first thing it does is kill Norton's on-access scanner.
So is... by ArsonSmith · 2005-03-22 04:03 · Score: 4, Interesting

Someone at Symantic retiring and they are trying to pump up the stock?

Recent Symantic news:
OSX Doom and gloom, Symantic will save you.

Fire Fox doom and gloom Symantic will save you.

Now this

--
Paying taxes to buy civilization is like paying a hooker to buy love.
Re:So... when we talk about the average user by kevin_conaway · 2005-03-22 04:04 · Score: 5, Funny

How about Tommy Two-Pint?
It's the modems! by GuerillaRadio · 2005-03-22 04:06 · Score: 5, Insightful

Most of the big ISPs in the UK supply these horrible usb modems for their ADSL service, leaving the only protection being the Windows firewall. I've had to sort out several PCs from friends and family that were brand new, but shipped with XP SP1 and pwned within minutes of plugging these modems in. Contrast this to when I lived in Holland - adsl routers with NAT always supplied or recommended.

--
If a man empties his purse into his head no man can take it from him. An investment in knowledge pays the best interest.
Re:True story about a non-hacked Brit's parents by CdBee · 2005-03-22 05:32 · Score: 5, Insightful

We need a site called geek-exchange so people like us can swap inconveniently-situated tech problems (ie, I fix your mum's PC if you do my cousin's....)

It'd save us all an awful lot of driving.

--
I have been a user for about 10 years. This ends Feb 2014. The site's been ruined. I'm off. Dice, FU
UK almost hosted the world's biggest cyberheist by Madas · 2005-03-22 06:04 · Score: 4, Interesting

I read here that bots in the UK nearly led to nearly half a billion dollars being siphoned off a Japanese bank.

--
The latest gadget news and reviews. www.absolutegadget.com
Re:4x lead when population normalized by It'sYerMam · 2005-03-22 10:59 · Score: 3, Insightful

Here in the UK there is a big push for broadband coverage and general access. There's also a lot of work going into Wi-Fi hotspots and perhaps more importantly, a lot of things targeting children. With PCs in schools, and regular access to the internet as part of the curriculum (in fact, IT is now becoming compulsory from the start of schooling) children are increasingly being active on the internet. Parents will surely hear the scare stories about chatrooms, paedophiles and so on, and perhaps will make sure children do not do that kind of thing.
However, children will be more likely to open up attachments, surf around the online gaming sites which come with spyware toolbars and so on. This will make the problem of not having a firewall/antivirus/anti spyware much worse.
I don't know about the situation in the US, but it's certainly about time ISPs started handing out information with their broadband packages, to prevent this kind of 0wn4ge. Alternatively, after installing the cable modem, they can install anti-virus software and a decent firewall, as part of the package. I'm sure this would significantly reduce these occurrences.
The problem in the first is getting people to read the material, and in the second if people then upgrade/reinstall, ensuring that they also install the security applications.

--
im in ur .sig, writin ur memes.