Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Security

UK Officially The Most Hacked Country 417

_Hellfire_ writes "Symantec's Internet Security Threat Report for the second half of 2004 says that the UK is leading the rest of the world with bot networks. The report states that "...25.2% [of bots] are located in the UK. That now puts the country ahead of the US (24.6%), China (7.8%), Canada (4.9%) and Spain (3.8%)". Symantec blames a sudden uptake of residential broadband connections without the awareness of the required security measures."
This discussion has been archived. No new comments can be posted.

UK Officially The Most Hacked Country

Comments Filter:
  • Wow, a .6% lead (Score:5, Insightful)

    by Anonymous Coward on Tuesday March 22, 2005 @10:44AM (#12012062)
    I wonder how accurate these statistics are.
    • Re:Wow, a .6% lead (Score:5, Insightful)

      by dominator ( 61418 ) on Tuesday March 22, 2005 @11:54AM (#12012946) Homepage
      What I find it interesting is that a country with 1/4 the US's population and with a roughly equivalent standard of living represents a roughly equivalent percentage of the world's hacked PCs, even if the difference between the UK and US is within this poll's margin of error.

      Is the US public that far behind in broadband connections? Is the UK public engaging in more risky computing practices? Are US ISPs blocking more 0wn3d boxes? Are the UK ISPs incompetent, overwhelmed, or more laisse-faire?
      • Re:Wow, a .6% lead (Score:3, Informative)

        by Rimbo ( 139781 )
        "Is the US public that far behind in broadband connections?"

        Yup.

        Most people:
        a) don't see the need
        b) can't afford it
      • Show us the data (Score:3, Insightful)

        by PMuse ( 320639 )
        What is it with news reporting that they never attach a data appendix? C'mon guys. We wanna know:
        # bots worldwide
        # broadband computers worldwide
        # bots in UK
        # broadbanded computers in UK
        [repeat for US, China, Canada, Spain, etc.]
        [then, for kicks, break them down by OS]
    • Regardless, I blame George Bush for our falling out of the coveted #1 position. When will the decline of our country end?
  • UK rules OK (Score:5, Funny)

    by dances with elks ( 863490 ) on Tuesday March 22, 2005 @10:44AM (#12012065)
    Number one, Number one, Number one, Number one, Number one, Number one, Number one, !! we had to win at something sooner or later
    • Re:UK rules OK (Score:3, Interesting)

      by Ayaress ( 662020 )
      You know, this is sort of like when the US comes out #1 in road accidents or gun crime or something bad like that. We tend not to celebrate. Look on the bright side: Your beer is better than ours. If it weren't so hard to find in my area, I'd drink nothing but Bass.
      • American beer sucks period. Pretty much every other country [prolly including Iraq] has better beer.

        If you guys stopped watering it down it'd taste prolly a lot better.

        Tom
      • Are you kidding?! What area?

        I can find Bass at any local grocery store or liquor store. I think Wal-mart sells it. I know that Meijer does. It's everywhere. For a while, it was the only beer I'd buy.

        And I'm in Indiana.
      • Wow. You must really hate American beer. In the scheme of things, Bass is total ditchwater compared with some of the stuff that's out there. Although I imagine you wouldn't stand a hope in hell of getting a hold of any of it Over There.
        • Bass is total ditchwater compared with some of the stuff that's out there

          it`s like sex on the beach. both is fscking close to water. :)
        • Where is here and there? I can think of numerous British and AMerican beers that are better than Bass, and I'd imagine that not many of the American ones are exported, either.
    • by Norgus ( 770127 )
      Proud I am, to be a member of a country with an abnormally high number of complete dipshits who use computers.
    • by Deusy ( 455433 ) <charlie@NoSpaM.vexi.org> on Tuesday March 22, 2005 @11:06AM (#12012376) Homepage
      We're pretty awesome at binge drinking too, y'know!
    • by Hogwash McFly ( 678207 ) on Tuesday March 22, 2005 @11:19AM (#12012525)
      The trouble with the UK is that you can't do the 'Yoo Ess Ay!'-while-clutching-a-miniature-flag chant because there aren't enough syllables. You could add in a cha-cha-cha to make it 'Yoo Kay, cha-cha-cha', although that's perhaps a little too flamboyant.
      • It's at times like that that your boozed-up Englishman (Scots, Welsh and Northern Irish have different rules) resorts to chanting the name of the Swedish whore: Inga Lund, Inga Lund, Inga Lund!
  • Statistics..... (Score:5, Insightful)

    by wpiman ( 739077 ) * on Tuesday March 22, 2005 @10:44AM (#12012069)
    You have to wonder about this. They show the US at 24.6% of PCs compromise- and the UK at 25.2%. This is well within the margin of error for even the most rigorous of surverying.
    • by kevin_conaway ( 585204 ) on Tuesday March 22, 2005 @10:48AM (#12012140) Homepage
      Ah come on, you can make up statistics to prove anything. 14% of people know that.
    • Re:Statistics..... (Score:4, Insightful)

      by tabkey12 ( 851759 ) on Tuesday March 22, 2005 @10:50AM (#12012171) Homepage
      But considering US has 4.5 times as many people - the fact that the UK is that high at all is very worrying.
      • Re:Statistics..... (Score:3, Informative)

        by gl4ss ( 559668 )
        it wouldn't matter if us had 1000 times more the people.

        it's a percentual stat.

    • Re:Statistics..... (Score:5, Insightful)

      by Monkelectric ( 546685 ) <slashdot@monkelectric . c om> on Tuesday March 22, 2005 @10:51AM (#12012187)
      Well, if you think about per capita, the UK has a much worse problem. However, I think what theyre really saying is, "sales of symantec products poor in the UK."

      Maybe the brits just know that symantec has been a joke for years.

    • Re:Statistics..... (Score:2, Insightful)

      by ites ( 600337 )
      Furthermore the figure seems far too low. From my experience with Windows PCs, something close to 100% of home Windows PCs are compromised - I've not seen a single home Windows PC without some spyware or trojan in the last year.

      How can one count whether a PC is compromised? Perhaps by tracking and sampling bot traffic. But many compromised PCs are not used except to spread the parastical software. A zombied PC that is actively used tends to be noticed and wiped.

      I suspect the real figure - if one count
      • Re:Statistics..... (Score:3, Informative)

        by MustardMan ( 52102 )
        Furthermore the figure seems far too low.

        The figure is only for bot nets, which are a far more disruptive compromise than your standard trojan. A chunk of spyware on your own pc only hurts you, a zombie pc can be used to phish lots of cc numbers from unsuspecting suckers. I'm sure if you count spyware and the like, the number will skyrocket, but you start to get into grey areas when the spyware was installed by the user himself, willingly clicking through a long EULA.
    • An almost 10% margin of error is pretty huge.
    • While the number does seem high, especially given the ~5:1 population ratio, it does seem quite plausible to me that it might be at least in the ballpark. Even taking into account the number of worms that have an affinity for scanning the "local network", most of my firewall hits are from other UK residents. According to my latest firewall log report, the US, China, Japan and Korea pretty much make up the rest with only odd probes from other nations - even Russia is now an also ran!

      The question is, how

  • w00t (Score:4, Funny)

    by cca93014 ( 466820 ) on Tuesday March 22, 2005 @10:45AM (#12012079) Homepage
    w00t! Finally we lead the world at something!
    • by CdBee ( 742846 ) on Tuesday March 22, 2005 @10:56AM (#12012265)
      The situation really is bad..
      In the last year 512Kbs ADSL Broadband has tumbled in price to little more expensive than unmetered dial-up, and a lot of clueless types bought in

      Typical British ISPs provide a USB modem for ADSL or an Ethernet/USB Cable modem, and a driver/configurator disk. No consumer ISP provides a NAT router by default (its a costly option, and usually a crappy rebranded far-eastern product that crashes all the time).

      Very few of them even provide a software firewall. AOL is a notable exception (about time they did something right) providing a firewall in their standard AOL Broadband software.

      I spend a lot of my free time installing Zonealarm/Sygate Personal for clueless people wondering why their brand new XP box and brand new ADSL connection keep crashing....
      • by Ford Prefect ( 8777 ) on Tuesday March 22, 2005 @11:26AM (#12012612) Homepage
        Typical British ISPs provide a USB modem for ADSL or an Ethernet/USB Cable modem, and a driver/configurator disk. No consumer ISP provides a NAT router by default (its a costly option, and usually a crappy rebranded far-eastern product that crashes all the time).

        I got a fairly decent NAT router with my ADSL account with a small UK ISP. They also block a variety of Windows-worm-attracting ports by default - you have to ask to get them unblocked, and then they'll run a quick port-scan on your system to make sure you're not a sitting duck.

        I've not actually needed any ports unblocking, and I'd class myself as a fairly advanced user. So why can't the big-name ISPs do this as well? Okay, it's not going to stop browser malware, email trojans and the like, but it'll definitely help against the nastier, faster-spreading worms...
    • The UK has leaded the world of Music for years. Not comercially, but in quality and innovation.
      Up The Irons!.

      [Disclaimer: I'm not from the UK]
  • by jabuzz ( 182671 ) on Tuesday March 22, 2005 @10:45AM (#12012089) Homepage
    Basically they should be made compulsary for all broadband connections. It is the plethora of cheap USB ADSL modems that are being offered free with connections that it causing the problem.
    • You don't need NAT, a simple firewall which blocks connections not initiated from the internal computer is enough. NAT is fine if you have > 1 computers but NAT itself isn't the magic silver bullet.

    • Basically they should be made compulsary for all broadband connections. It is the plethora of cheap USB ADSL modems that are being offered free with connections that it causing the problem.

      And thankfully more people are going to wireless, which obviously necessitates a harware router, which should (for the most part) solve the problem. Hopefully.

      • And thankfully more people are going to wireless

        Yes, thankfully they are going to wireless. Thank the lords of Kobol, they will doubtless put great effort into security even though they never paid more than lip service while wired. For example, ask your neighbor how many minutes he had a wireless connection before he changed the default ssid and admin password. Probably less than 2. Probably also set it up to use MAC address lists...These things are as hardened as you can make the "average" access-point"
    • I'm in the UK; my broadband router does not do NAT or filtering. Guess what? I'm clueful enough to run my own firewall and lock down the boxes I own, so I'm not a problem.

      The only other two people I know well enough to comment on their security who have broadband have NAT routers. It doesn't exactly stop them getting turned into zombies from the warez they download and install (download 10 different "adobe photoshop cs" installers, run each one in turn until one works).

    • It's called a hardware NAT router

      Cmon, a NAT router won't stop someone getting infected via some malware run by their browser, and then connecting out to an IRC channel awaiting commands. It won't stop someone sending spam either. NAT isn't the answer.

      • by CdBee ( 742846 ) on Tuesday March 22, 2005 @11:10AM (#12012427)
        When you go out and buy a new XP PC, or have to reinstall it using the restore CD.. and if you;re a clueless noob like most surfers, that's when you find that NAT is the answer.

        A lot of zombifying malwares DO spread by direct infection of unpatched machines. Those 30 mins it takes to download patches are the time in which NAT is a lifesaver. Of course it should always be accompanied by software firewalling to control outgoing connections.
    • by ka9dgx ( 72702 ) on Tuesday March 22, 2005 @11:02AM (#12012331) Homepage Journal
      NAT doesn't solve the problem, it merely hides the symptoms of the bigger picture:
      • The users expect an appliance, and don't want to be sysadmins
      • The company that likely created the OS is driven by marketing, and the need for features over stability
      • The programmers that wrote the code were under pressure to meet deadlines, and just get it shipped.
      • The language chosen to write the OS and applications in is weakly typed, and prone to holes.
      • The security model of the OS based on access control lists, which are insufficient to meet the challenges of mobile code
      • The internet service providers are under economic pressure, and have insufficient resources to track down and take offline all of the compromised machines
      • Hardware has gotten so fast that sometimes its just not perceptable that a machine is a zombie, until it gets quite overt
      • The globally distributed nature of the treat makes it almost impossible to isolate and address with the court system
      • The economic incentives to take over your machine increase daily, as more creative (profitable) uses are found for it.
      • The barriers to entry that do exist are constantly being lowered as new tools become available to script kiddies, etc.
      When you go with NAT, you fundamentally break the end to end nature of the InterNet, and you don't solve any of the above problems.

      NAT is a band aid at best, and the end of the InterNet at worst.

      --Mike--

      • Well.... (Score:3, Informative)

        Most of your points I agree with, especially re NAT being harmful to the 'net. I think ISPs rather like NAT for exactly that reason - it makes NAT'd users "good little Internet consumers" whose ability to fully participate as a provider and a "consumer" on the 'net is somewhat crippled.

        I don't really agree re weak typing, though. It's not really weak typing that's at issue, it's that memory management is still done "by hand". Most of the nasty overflows stem from the fact that C lets you copy a 200 char lo
    • Or 'friends don't let friends put windows on networks'.

      Justin.

  • by spicydragonz ( 837027 ) on Tuesday March 22, 2005 @10:45AM (#12012093)
    Yet another example of the rest of the world overthrowing american hegemony. We all need to do our part to get USA back on top. Install worms and Trojans.
  • Should we change it to "Tommy six-pack" instead of "Joe six-pack" now?
  • hacking abroad (Score:5, Insightful)

    by cwebb1977 ( 650175 ) on Tuesday March 22, 2005 @10:46AM (#12012103) Homepage
    Or it is because most hackers or script kiddies are located in the US and elsewhere outside the UK and they prefer hacking abroad, because that might limit the possibility of legal troubles.
  • Yay! (Score:2, Funny)

    by Kid Zero ( 4866 )
    We're #2! We're #2! We're #2! :D
  • As a Brit... (Score:5, Interesting)

    by bobintetley ( 643462 ) on Tuesday March 22, 2005 @10:47AM (#12012117)
    I can definitely vouch for this, I personally witnessed some 20 odd pieces of malware duking it out on my brothers 2Mbit broadband to see who could relay the most spam.

    Since then, I've converted the majority of my friends and family to Debian and they haven't looked back.
  • by tabkey12 ( 851759 ) on Tuesday March 22, 2005 @10:47AM (#12012125) Homepage
    that is a HUGE number of bots. I wonder if there is a greater penetration of computers in the UK into homes, which might explain this.
  • Bad Broadband (Score:5, Insightful)

    by epiphani ( 254981 ) <epiphani AT dal DOT net> on Tuesday March 22, 2005 @10:49AM (#12012164)
    I personally think that the approach towards broadband was mostly done wrong. The large majority of users should never be fully visible online - those broadband routers should be doing NAT for all but a small minority of users.

    While we cant code or design around user stupidity (in the sense that if you give a user a button that says "DONT CLICK HERE, IT WILL INSTALL A SPYBOT" and they'll still click it), we certainly can design around stupid operating systems that have holes you could drive a transport truck through. NAT does this quite well - I reccomend a NAT router (WRT54G, specifically) for everyone I know - including myself. It saves massive amounts of problems.

    Part of the issue also lies with the fact that most "concious" users load up their PC with firewalls and zonealarm and so forth to the point where its slow because of all the crap on the system.
    • NAT has absolutely nothing to do with it. NAT only protects you from incoming connections. Trojans acquired from the web or email go straight around it. The only thing NAT gives you is a false sense of security (not to mention breaking anything peer to peer, such as video conferencing, without some really ugly hacks).
  • huh? (Score:2, Funny)

    by Anonymous Coward
    The UK the most hacked country in the world? I myself am a UK citizen, and can personally vouch for the fact that this is not true. I, for example, have never been hack-

    >>> ENLARGE YOUR PENIS 150%!!!!

    -ed. WTF?!? Wha-

    >>> Come see my hot pics! here [disney.com]

    -t's happening to me?!? Oh God, noooooooo-

    >>> Buy VIAGRA ONLINE! SAve $$$$!!!!1
  • by Onimaru ( 773331 ) * on Tuesday March 22, 2005 @10:51AM (#12012188)

    ...say that you should buy more security products! Wow, it's almost like the MS studies that say linux is more expensive and the environmental studies by the meat industry that say millions of gallons of pig shit isn't harmful to the environment so you might as well just spray it into the air.

    This is the second one in as many days, too. Come on, could we get a real story, not one spun from the gossamer threads of greed and conflict of interest?

  • Reports show sales of Symantec's popular Anti-virus packages in the UK lagging behind sales in the US, and sales of the Macintosh version lagging behind everywhere.

    Blake
  • Canada? (Score:3, Insightful)

    by kbahey ( 102895 ) on Tuesday March 22, 2005 @10:54AM (#12012231) Homepage

    US (24.6%) ... Canada (4.9%)

    This is really problematic, given that Canada only has about one tenth of the US population. Does this mean that if we had as many people as the USA, 49% would be hacked?

    Or is it just because we have more broadband per capita than in the US?

    • While Canada has 10% of the population of the states there is a greater availabilty of broadband connectivity.

      So it's an apples and oranges comparrison to try and directly extrapolate the numbers... a better comparrison (from what I've been told) is to compare Canada to California.
  • Hacky (Score:5, Informative)

    by Doc Ruby ( 173196 ) on Tuesday March 22, 2005 @10:57AM (#12012271) Homepage Journal
    "Most hacked" is not the English translation of "largest percentage hacked". "Most hacked" would refer to the largest quantity hacked. The proper English translation of that statistic is "most hacky" - even if I did just make up "hacky".
  • Blimey (Score:5, Funny)

    by stratjakt ( 596332 ) on Tuesday March 22, 2005 @10:59AM (#12012299) Journal
    I blame the abundance of Spam from the UK squarely on Monty Python.

    Now they want to bring "Spam A Lot" to the US? I don't think so, Nigel.

    Time to dump some tea into the harbour.
  • Just thought (Score:5, Insightful)

    by cca93014 ( 466820 ) on Tuesday March 22, 2005 @11:00AM (#12012309) Homepage
    A lot of ADSL connections in the UK now come with bandwidth limits, and charges per GB over the standard monthly utilisation. This is a relatively new concept in retail broadband in the UK (In Oz it is almost the standard).

    Anyway, it's sort of weird that the ISPs now actually have a vested interest in their users contracting malware; they make more money out of it in over-charges...
    • Re:Just thought (Score:3, Insightful)

      by flumps ( 240328 )
      That is very insightful...

      However most ISPs in the UK provide minimal 512Kbps connections for a basic package without restriction and 1Mb connection restrictions they do have run into the GB range for download/uploads per month.

      You still have a good point tho, and its interesting most ISPs do not provide firewall applications/hardware on basic packages like this. The basic user could find he is disconnected without notice for bandwidth overuse with no idea that malware might be the root cause....
  • UK consumers (Score:4, Interesting)

    by ScouseMouse ( 690083 ) on Tuesday March 22, 2005 @11:02AM (#12012320) Homepage
    Speaking as a UK consumer, it doesnt surprise me. Most of the people i deal with dont bother with a virus checker until they start having problems, and most viruses these days seem to be designed for creating botnets so try to not to hog resources, crash the computer or use too much bandwidth. If only other windows programs were so well designed :-) When I first got broadband (About 2 years ago?) , the ISP i use, (Pipex) offered a free virus checker and gave instructions on how to run it. They dont any more. Nor do anyone else. I personally think that no-one who manages their own computer and *doesnt* know when their virus checker was last updated shouldnt be allowed near the internet.
    • Why?.
      Virus Checkers are NOT necesary. Virus Checkers exists because there are flaws in the Operating System most people uses, and in the poeple itself, that lets viruses in.
      I Use GNU/Linux, and i don't install shit.
      The Solution is simple. Install Operating Systems that work, and teach people. Don't use ugly patches like viruse checkers.
    • Re:UK consumers (Score:4, Insightful)

      by prandal ( 87280 ) on Tuesday March 22, 2005 @11:35AM (#12012714)
      Most of the virus infections I've dealt with on friends' and acquaintances' Windows PCs have occured on boxes running (yes, you've guessed it) Norton Antivirus. I routinely uninstall Norton and replace it with Avast! Personal Edition [avast.com].

      Some antivirus vendors have yet to catch on to the idea that virus patterns need updating on a daily or more frequent basis. So along comes a new Bagle variant, which is yet to be detected by Norton, and the first thing it does is kill Norton's on-access scanner.
  • So is... (Score:5, Interesting)

    by ArsonSmith ( 13997 ) on Tuesday March 22, 2005 @11:03AM (#12012335) Journal
    Someone at Symantic retiring and they are trying to pump up the stock?

    Recent Symantic news:
    OSX Doom and gloom, Symantic will save you. [zdnet.co.uk]

    Fire Fox doom and gloom Symantic will save you. [computerworld.com]

    Now this
    • I was going to say something about that. :) Don't know what it is about them recently, but the shit-flinging sure has been going on in full force. Wonder what they're up to...
  • This gives the curse of bugger! a whole new set of meanings, none of them pleasant to the user or their computer...
  • It's the modems! (Score:5, Insightful)

    by GuerillaRadio ( 818889 ) on Tuesday March 22, 2005 @11:06AM (#12012368)
    Most of the big ISPs in the UK supply these horrible usb modems for their ADSL service, leaving the only protection being the Windows firewall. I've had to sort out several PCs from friends and family that were brand new, but shipped with XP SP1 and pwned within minutes of plugging these modems in. Contrast this to when I lived in Holland - adsl routers with NAT always supplied or recommended.
  • by iBod ( 534920 ) on Tuesday March 22, 2005 @11:17AM (#12012506)
    I recently read that over 40% of UK Internet connections were now broadband, and most of these became active within the last year.

    I think the broadband providers should offer a router with a suitable built-in hardware firewall as a standard part of the package (or failing that insist on you having an 'approved' router/modem with then necessary smarts, in the service contract).

    Unfortunately most of the domestic packages are still 'wires only'.
  • WLAN security (Score:2, Interesting)

    by chman ( 746363 )
    The uptake of broadband and WiFi has been immense over the past 6 or so months. Where before I had no problems with WLAN coverage as mine was the only one on the street, now there's one eminating from every home. Just in the few surrounding roads there are dozens of wireless networks in place, and hardly any have even changed the SSID, let alone disabled broadcasting of it. Only a handful use any form of actual security, such as WEP.
    Even the people that should know better, such as my neighbour that claims
  • by Madas ( 866312 ) on Tuesday March 22, 2005 @01:04PM (#12013695) Homepage
    I read here [scmagazine.com] that bots in the UK nearly led to nearly half a billion dollars being siphoned off a Japanese bank.

"If there isn't a population problem, why is the government putting cancer in the cigarettes?" -- the elder Steptoe, c. 1970

Working...