Is Your Device Part of an Illegal Hacking Gang? Norton

A year on from the Mirai botnet’s first major attack – which brought much of the internet to a standstill -Norton by Symantec (NASDAQ: SYMC), the world’s leading cyber security company, reveals how the global botnet has grown and which countries and cities unwittingly played host to the greatest number of bot infections. 6.7 million more bots joined the global botnet in 2016, and the Gulf Cooperation Council (GCC) made up nearly 11.4 percent of the Middle East’s total bot population.
According to global research from Norton:
Riyadh, Kingdom of Saudi Arabia, ranked #1 city in the GCC for the highest source of bot infections. It also ranked as the 4th city in the Middle East with 43.1 percent of bots in the region;
Dubai, United Arab Emirates, ranked #2 most bot infected city in the GCC and 6th in the Middle East with 24.7 percent of bots in the region;
Kuwait City, Kuwait, ranked #3 most bot infected city in the GCC and 10th in the Middle East with 13.2 percent of bots in the region;
Bots are Internet-connected devices of any kind, such as laptops, phones, IoT devices, baby monitors, etc. infected with malware that allow hackers to remotely take control of many devices at a time, typically without any knowledge of the device owner. Combined, these devices form powerful bot networks (botnets) that can spread malware, generate spam, and commit other types of crime and fraud online.
“The GCC is widely considered a region that adopts new technologies more readily when compared to other global markets. But there seems to be a limited awareness amongst consumers about the various risks associated with using internet connected devices. In fact, more than 2.53 million consumers in the UAE were victims of online crime in the past year, and bots and botnets are a key tool in the cyber attacker’s arsenal,” commented Tamim Taufiq, Head of Norton Middle East.
“It’s not just computers that are providing criminals with their robot army; in 2016, we saw cyber criminals making increasing use of smartphones and Internet of Things (IoT) devices to strengthen their botnet ranks. Servers also offer a much larger bandwidth capacity for a DDoS attack than traditional consumer PCs,” added Taufiq.
In fact, IoT devices may be part of the uptick in global bot infections in 2016. During its peak last year, when the Mirai botnet – made up of almost half a million Internet-connected devices such as IP cameras and home routers – was expanding rapidly – attacks on IoT devices were taking place every two minutes. Unbeknownst to the device owners, one in 50 IoT attacks originated from devices in the Middle East alone. The UAE accounted for five percent of IoT attacks coming from the Middle East in 2016.
The ratio of bots per internet connected user in the GCC was significant as well. There is one bot for every 20 internet users in Kuwait; one bot for every 28 internet users in the UAE; and one bot for every 35 internet users in KSA. The number is lower for Oman where there is 1 bot for every 50 internet users.
However, where a bot resides is not indicative of where its creator may live – an infected device in Dubai, for example, could contribute to an attack in the Asia, and be controlled by a cybercriminal somewhere in the United States.
Warning Signs and Tips to Stay Protected:
A bot might cause a device to slow down, display mysterious messages, or even crash for no apparent reason. Consumers should run a full diagnostic if any warning signs appear.
To safeguard against malicious bots:
Install robust security software and firewalls to secure your device
Never ignore system updates. Configure your software’s settings to update automatically to make the most of patches and fixes that vendors provide
Never click on file attachments within emails or messages unless you can verify the source of the attachment is legitimate. Be particularly wary of Microsoft Office attachments that prompt users to enable macros
Use a long and complex password that contains numbers and symbols and never use the same password for multiple services
Enable advanced account security features, like two factor authorisation and login notification, if available
Increase the security settings on your browser and devices
Always log out of your session when done
[ENDS]
GCC Bot Volume and Ranking:
Rank 2016 % of GCC % of Middle East
1 KSA 48.6% 5.52%
2 UAE 24.8% 2.82%
3 Kuwait 13.2% 1.50%
4 Oman 5.4% 0.62%
5 Qatar 5% 0.57%
6 Bahrain 2.9% 0.33%
Top cities for ‘bots per capita’: GCC
Rank 2016 Middle East Ranking
1 Riyadh 4
2 Dubai 6
3 Kuwait City 10
4 Muscat 20
5 Doha 22
6 Dammam 26
7 Manama 33
8 Jeddah 43
About the Data
Symantec has established one of the most comprehensive sources of Internet threat data in the world through the Symantec Global Intelligence Network. The Symantec Global Intelligence Network tracks over 700,000 global adversaries and records events from 98 million attack sensors worldwide. This network monitors threat activity in over 157 countries and territories through a combination of Symantec and Norton products, technologies and services, and other third-party data sources. These resources give Symantec analysts unparalleled sources of data with which to identify, analyze, and provide informed commentary on emerging trends in attacks, such as botnet and malicious code activity, phishing, and spam.
Data source for Internet-connected populations found at Internet World Stats as reported on 25 July 2017: http://www.internetworldstats.com/stats.htm