Israel Keeps Its Dubious Crown

Petah Tikva boasts the second-highest proportion of bot infections in the whole region of Europe, the Middle East and Africa as well.

Israel has much to be proud of, but one dubious distinction it might prefer to do without is that the People of the Book have the highest proportion of hackers per Internet user in the world.

The United States sports the highest absolute number of denial of service attacks. But Israel boasts the most malicious mischief per surfer in the world.

In a recent report on Internet security threats around the world during the first half of 2007, virus buster Symantec claimed that 11 percent of the computers used by Israeli surfers are directly responsible for online attacks and other hacker mischief.

Second to Israel in proportion of hackers is Canada, followed by the U.S. At least some things change: In the last Symantec report, on the second half of 2006, Israel still placed first in hackers per user (with 9 percent), but the second and third places were held by Taiwan and Poland.

In 2004, Israel was in fifth place. It has come a long way.

Another type of malware, or malicious software, is "software robots," popularly known as bots.

These uncharming pieces of malware usually arrive via spam emails (you know the type - "Boy do I have a deal for you. Pink Viagra and it really works!") What the bots do is comb through your hard disk seeking out information about you. Sometimes, they also help the perpetrator steal your identity, not for the sake of playing games, but to clean you out. And that doesn't mean your kitchen cupboards.

Symantec says that China has the most bot-infected computers, but Israel is in third place, with 3 percent.

Don't blame Petah Tikva for that paltry showing. In the Symantec ranking of cities with the most bot-infected computers, Petah Tikva places second in the whole of the EMEA (Europe, the Middle East and Africa). That is quite an achievement, given that in the previous report, on the second half of 2006, Petah Tikva was in ninth place.

The city of Haifa can command respect, too: It is in tenth place in the EMEA, up from twelfth place in the previous half year.

Why do Petah Tikva and Haifa rank so high? Chiefly because these two cities host the headquarters of Internet service providers - Internet Gold in Petah Tikva and NetVision in Haifa.

A worrying aspect of the Symantec report is that cybercrime seems to be not only spreading, but becoming more professional. It is no longer a question of some sickly pale megagenius kid sitting in his parents' basement hacking into the Pentagon: The company found a rising number of cyber-criminals using advanced tools to perpetrate malicious attacks.

Symantec brought the example of MPack, a set of tools developed by professionals and sold "underground." Hackers with MPack can install malware in thousands of computers around the world, then track the success of their attack (based on various criteria) using MPack's password-protected (!) software. Moreover, with MPack, hackers can mount a synchronized attack of several malicious programs acting together. In its previous report, Symantec identified synchronized attacks as a growing trend in Internet threats.

Arthur Wong, a senior vice president of Symantec Security Response & Managed Services, said that in the company's recent biannual reports on Internet threats, it has drawn attention to a substantial change in the attackers' motives - from glory to money. Internet malice is morphing into Internet crime, where the purpose is not to make your screen blow you a bazoo, but to steal your money. Online crime is turning professional, and to achieve their aims, the crooks are adopting much the same procedures as regular companies, said Wong.

Symantec also documented 237 vulnerabilities in web browser plug-ins, a vast jump compared with the 74 it found in the second half of 2006, or the 34 it found in the first six months of last year. Plug-ins are anti-piracy hardware devices that connect to a port on your computer. They sometimes come with software packages: The program will not work unless you have the plug-in. In other words, pirate copies of the software will not work.

Another worrisome development is malicious code that steals account information from online games, which have become enormously popular. That malware made up 5 percent of the top 50 malicious code samples, when measured according to potential infection rates, Symantec said. Moreover, it warned, online gaming often features actual shopping options, which create additional opportunities for cyber-crooks to rob you blind.

Spam, those pernicious, dogged emails pushing everything from impotence treatments to opportunities to make untold millions of dollars in Nigeria at a piddling investment of just, say, $5,000, comprised a huge 61 percent of all emails that Symantec tracked. That compares with 59 percent in the last half of 2006.

By the way, believe it or not, some people actually fall for the Nigerian scam. Some people actually do try to buy Viagra pills online. Some people really do lose all their money to cybercrooks.

Identity theft is one of the most frightening aspects of latter-day cybersurfing. Symantec points out that the theft or loss of a computer (or some other data-storage medium, such as a disk) accounted for 46 percent of all data breaches that could lead to identity theft.

In a not unrelated development, Symantec found that 58 percent of enterprises could suffer a serious loss of data once every five years, if not more.

These days, trolling the web looking for IDs to steal has become known as phishing. And today's hackers - kids are so spoiled these days, can obtain a phishing kit.

Phishing tool-kits are basically software that enable the hacker to create automated web sites that ape legitimate sites. Symantec reports that the three most popular phishing kits were behind 42 percent of phish bites during the half-year.