The Global Security Map - A Question and Answer Session on Cybercrime
Reporter Anthony Savarese talked with Jart Armin, Director of HostExploit, about Internet safety following the May publication of the inaugural' Global Security Report' and launch of the 'Global Security Map' an interactive tool displaying global hot spots for cybercrime according to geographic location. The HostExploit 'Global Security Map' project is in collaboration with Russian group Group-IB and CSIS in Denmark, known collectively as the European Cyber Security Federation, ECYFED.
The following is a transcript of the interview called 'Global Security Report'. The original is published in Italian on the DataManager.it website:
Everyone knows that cybercrime is hosted on servers around the world, but where? A new interactive web-based tool is designed to provide a greater understanding in this domain in search of solutions to a global problem. How much cybercrime is served by registered hosting providers of a single country?
An interesting question, which can now begin to be answered thanks to a collaborative initiative between HostExploit (Cyberdefcon Group Ltd.), the Russian group Group-IB and CSIS in Denmark. The Global Security Map displays global hot spots for cybercriminal activities according to geographic location.
The global security map is in a rapid stage of development and at the beginning of a long-term research cycle. Work is currently underway and there will be further improvements to the tool, which will allow users to drill down seamlessly from the world level, region, country, to trade on the internet, for AS (Autonoous System) and ISPs, and finally, IP, domains and URLs.
We spoke with Jart Armin, Director of HostExploit .
We believe this is a unique tool for its combination of detail and the high level of visualization, which also caters to a wide cross section of users. In calculating the level of 'badness' at the national level, the accuracy in identifying the countries that carry out this specific activity is of course critical. One of the reasons why up to now there has been a lack of studies on the geographic distribution of crime is that it is difficult to determine exactly where anything is physically hosted on the Internet, let alone where everything is. This should not be a deterrent to research. Rather, it should encourage further research, as inconsistent data, when publicly released, will put pressure on the relevant internet authorities to enable better methods of quantification. If you do not try to quantify nothing will ever change. Note also that the global security map, resources and related data are not intended as a statement that any government or country is actively involved in (or is a supporter of) criminal activity.
What is the health status of information security in the world?
Overall we have a bad health condition, the market for computer crime is growing rapidly, in 2012 earnings estimate for about USD15 billion versus USD11 billion in 2011, and this provides a quantitative basis of the threat. Depending on the mode of determination of costs for every USD1 in the market of cybercrime, there is a comparative spending of about $50 to $100 on cybercrime defenses. Added to this, the dramatic rise in Internet use worldwide puts a major stress on the existing physical infrastructure, as well as the DNS (Domain Name System).
What is the methodology used for the report?
The report uses as a tool called the HE Index, which represents levels of concentrations of malicious activity detected. It ranges from 0 to 1000, where 0 is zero harmful activities and 1,000 is the maximum level of illegal activity. An important aspect of the HE Index is that it measures concentrations of bad activity: in short, the size of the country is taken into account, so that larger countries will not come out on top simply because they contain more content.
Which are the states where there is the greatest danger and why?
In general, countries which suffer the highest levels of malicious activity can be divided into two categories. First are countries with a highly competitive field of web hosting. A well developed market implies the lowest prices possible. Examples include the Netherlands (# 6) and the United States (# 11). Second are countries with a low level of regulation. Often these are small countries, where the web hosting is not common, resulting in a lower level of regulation in progress. Examples include the British Virgin Islands (# 4) and the Republic of Moldova (# 9).
Could you provide some numbers and some examples?
The global security map is the result of extensive research into autonomous systems (ASN) - server, and ISP networks with IP routing. At the time of the report (May 05 2012), Lithuania is ranked # 1 with the highest levels of malicious activity around the world while Finland at No. 219 has the cleanest servers and networks. Armed with this information, the next step is to consider ways or realistic plans that can help reduce levels of malicious activity. For example, what is it that makes the difference between the country identified as the "worst", # 1 in Lithuania, and the "best", # 219 Finland!
What are the types of emerging risks?
Mobile security is still the largest area in which there is an 'emerging risk', but the theft of data (data breach) is still rising in many countries and there is still a need for effective legislation. The phenomenon of 'spear phishing' through social networks is becoming more sophisticated. These are now associated with polymorphic malware, which are designed not only to target a specific country, but to specific bank users based on demographic and social groups.
Will the rise of mobile computing security bring changes?
Mobile Security is our biggest challenge, with an estimated 450 million smartphones shipped in the last 12 months, it is estimated that access to the Internet will be greater from mobiles than from PCs by 2015. Device safety is still weak, and Android is the main objective of the cybercrimials. Many attacks in the mobile industry and the emergence of the first botnet dedicated to this sector ( Pocket botnets ) were found in China and Asia, due to high levels of use of mobile devices in these countries. More than one million Pocket botnets emerged in China, causing the first national warning to the Chinese public on Chinese television.
There are greater risks for companies or individual?
Both: companies and individuals are at risk.
To view the Global Security Map click here
To download the Global Security Report in English click here
To download the Global Security Report in Russian click here
HostExploit News Feeds
World Hosts Report Q3 2012A new #1 tops the ranking table in HostExploit's 'World Hosts Report Q3 2012'...
Knujon: ICANN Fails to Act on WHOIS non-ComplianceKnujon presents a detailed study of the way ICANN handles and tracks complaints...
APWG, OAS and ICANN Combined eCrime 2012 Summit for Members and ResearchersThis October, the APWG is pleased to present eCrime 2012, a combined event...