North America next on the fraud hit list 9 April, 2007 By Chris Talbot

PromoPipeline Exclusive Channel Promotions Find Out How You Can Make Money Today! ENROLL FREE! >> Underpromising William Vanderbilt - Innovative Learning Channels Services: I Can See Clearly Now Beth Vanni - Amazon Consulting Cutting the margin so many times William Vanderbilt - Innovative Learning Channels The Sign of Success - High Maintenance William Vanderbilt - Innovative Learning Channels Question for the Times: Build or Resell? Gary Bixler - AMD

At the moment, the majority of invisible malware attacks are happening in Europe and Asia, but the attacks on North American businesses are coming, said Brian Grayek, vice president of threat research at CA.

"It's a huge issue in China," Grayek continued. CA has security researchers in China, and the malware problem has become so problematic that it's had to increase its footprint. It's even opening a new research facility in Beijing.

Why China? And why Europe, for that matter?

"They're ramping up because it's the natural tendencies of criminals to attack what's easiest. I call it the law of nature," Grayek said.

In the wild, the lion doesn't go for the lead antelope; he goes for the weak one. It's the same with criminals, Grayek said. They go for the easiest target with the quick return for their money. China is a good target because of its poor security. Of the more than 120 million computers in the Chinese government, 80 per cent of them were hit by a major virus in the last year, he said. He said he couldn't even recall the last time a virus even had 30 or 40 per cent penetration in the U.S.

Even in Europe, though, the amount of malware penetration depends on the country, said Uriel Maimon, office of the CTO at RSA. In Germany and Switzerland, where strong authentication is mandated by law, financial institutions' customers have a printed matrix with secret passcodes. Phishing attacks are useless against them. Trojan, on the other hand, use data captured in real-time. Although there are cookie Trojans that can steal information, they may not be as effective in countries with security tokens or some other form of authentication that is better than login ID/password combinations.

However, the sneakier types of Trojans lie in wait on a person's computer until that person logs into a financial institutions. When that happens, the Trojan comes awake. When that person closes the session, the Trojan keeps it active, he said. Even strong authentication isn't enough.

"That's where we see Trojans going," Maimon said.

As regulations for authentication beyond username and password combinations come into effect in North America, the number of invisible malware attacks will increase, he added. Grayek compared the global security landscape to a castle. Imagine a castle with several guard towers. Three of those guard towers are manned by professional soldiers. The other two are manned by Uncle Billy-Bob and his friends. Which gates are invaders likely to strike at?

"You've got some areas that aren't quite as well-manned and well-researched as far as the current possibilities. And things are changing so drastically and so fast that you've really got to stay up," Grayek said.

It makes sense for malware to strike at certain countries and not at others. For instance, there's no sense attacking financial institutions in countries where very few people are connected to the Net and very little banking is done online. Contrast that with a country like France, which has laws against using encryption but is technologically-advanced. France is a really easy target, he said.

In countries where the penalties for such activities are harsh, it also doesn't make sense. Grayek said the penalty for hacking in Malaysia is death. Woe be it to the hacker who gets busted there.

Unfortunately, because of the number of people online and the amount of money in North America, particularly in the U.S., it's a major target. Grayek said North America is the number one target because of the money, the number of online banking users and the number of people with unsecure machines that can be used by stealthy malware for the author's own purposes.

"I think we're going to see it this year. I really do," Grayek said. "I hate to be the Chicken Little, but I think we're going to start seeing it start impacting North America ... much more this year than we did last year."