New Zealand is as susceptible to all kinds of cyber attacks as the rest of the world, says Rogan Mallon, principal systems engineer at Symantec New Zealand. This is despite our remote location and low population and is because of our increasing use of broadband.
“What we have observed globally is that as countries adopt broadband, they go through this period where they are relatively good targets and their attack rates go up,” he says.
As the connected users become more technically savvy, and start deploying defence mechanisms, attack rates generally decline.
Given that New Zealand is going through a broadband growth stage at the moment, attack rates are likely to increase, he says.
Botnets are also likely to increase in New Zealand, as the number of bot networks is directly related to the number of connected systems, he says.
“In [Asia-Pacific] we have several of the top botnet infected cities, for example Beijing,” says Mallon. “So, regionally, we are pretty susceptible. And again, that comes back to growing broadband presence.”
Symantec’s latest Internet Security Report, released last week, shows that China has the highest number of bot-infected computers, accounting for 20% of the worldwide total. The US has the highest number of bot command-and-control servers, with 42% of the total.
Adware and spyware are still very much on the rise, says Mallon, and, because of the way they propagate, they are not country or region specific type of threats — they can hit anyone.
As hackers become more motivated by money rather than just doing it for kicks, the attacks have become more subtle and targeted. There are now groups of individuals who are commissioning malicious code-writers to write code to, for example, generate a bot network, he says.
One example is the Zotob-virus that broke out in August 2005. The programmers who wrote the virus were arrested, but the police also arrested the person who commissioned the virus.
“The motivation for commissioning the programmers was that [that person] wanted to get a bot network in place [to be used for] sending spam,” he says.
Another potential risk is the growing use of fuzzers. Formerly, security vulnerability researchers needed to do a lot of manual data input and analyses to try to find flaws and vulnerabilities, but now they have fuzzers, automated tools and technologies that help researchers do their job, says Mallon.
However, while immensely helpful, fuzzers can also cause trouble.
Fuzzers are now relatively easy to use and Symantec anticipates seeing many amateur researchers adopting them. The problem is they can be used to find “false positives” — vulnerabilities that aren’t necessarily exploitable, and this could potentially cause a flood in the reporting of vulnerabilities.