Australia may be located half a world away from the heavily-populated European and US zones, but that hasn't stopped us from claiming the crown as one of the world's most heavily-attacked countries, according to figures released this week as part of Symantec's latest Symantec Intelligence Report.
The monthly report collates data from Symantec-owned message-security firm MessageLabs and Symantec's own broad security practice and Symantec.cloud to provide a quantitative update on the state of online security.
And that state, the latest figures suggest, suggests that online troublemakers are rapidly shifting their vectors of attack: while spam volumes dropped 3.7 per cent from October, to 70.5 per cent of all emails, the number of malicious Web sites being blocked per day rocketed 47.8 per cent over the previous month, to 4915 new sites being blocked every day.
One in every 255 emails was malicious, while one in 8300 of those, or one in 2 million emails, was considered to be "highly targeted" – customised for believability using social engineering or other techniques. Large companies – those with 2500 or more employees – were at far greater risk of being targeted by a highly-targeted attack, with Symantec's cloud security service blocking 36.7 targeted attacks per day; by contrast, the lowest cohort, those with 1000 to 1500 employees, had just 3.1 such attacks daily.
The explosion in malicious Web sites is not unexpected, with rapidly-spreading attacks continuing to infect new sites at a rapid rate weeks or months after they emerge. "Often this number is higher when Web-based malware is in circulation for a longer period of time to widen its potential spread and increase its longevity," the report's authors noted.
It is Symantec's geographical breakdown, however, that may raise the most interest: average Australian companies receive one targeted attack every 3.1 days, putting it fourth on the leader board of most-attacked countries; by contrast, US companies were attacked once a day, UK companies once every 1.2 days, Chinese companies every 16.3 days, and New Zealand companies every 61.8 days.
Phishing remains a big problem in Australia, which receives 6.9 per cent of the world's phishing emails – putting it third behind the UK (61.2 per cent) and US (15.3 per cent). The number of phishing Web sites increased by two-thirds in November, with Facebook by far the most common target. And email-borne malware accounted for 5.6 per cent of traffic in Australia, again putting it third behind the UK (61.2 per cent) and US (16.3 per cent).
Interestingly, the most common trigger for a Web-based interception through Symantec's filtering service was advertisements, which accounted for 32.4 per cent of Symantec-enforced security blocks during the month. This reflects both a desire for a cleaner corporate Web experience, and a risk from 'malvertisements' with malicious code embedded.