Symantec Global internet Security threat report
Table 17. Geolocation of viruses Source: Symantec
the Sality.AE virus was the top overall malicious threat in both ApJ and EMEA, and the Mabezat.B virus was the second overall malicious threat in EMEA. these two threats are the primary cause for the disparity in infection counts between the top two and bottom two regions for virus activity in 2009.
the largest contributing countries for virus threats in 2009 were india, Egypt, and Brazil, with top-ranked india having approximately twice the infection count of second-ranked Egypt. As noted in the “Executive Summary,” india and Brazil are two countries specifically cited as countries expected to increase in their share of malicious activity.163 the growth of viruses in 2009 in these countries bears this out.
Although the 2009 increase in LAM is quite large, the actual infection counts are only approximately 20 percent as high as second-ranked ApJ. Meanwhile, the EMEA and ApJ regions are within a few percentage points of each other in infection counts, which likely makes their swapped positions are merely due to typical variances in potential infection counts.
Threats to confidential information
Some malicious code programs are designed specifically to expose confidential information that is stored on an infected computer. these threats may expose sensitive data such as system information, confidential files and documents, or logon credentials. Some malicious code threats, such as back doors, can give a remote attacker complete control over a compromised computer. threats to confidential information are a particular concern because of their potential for use in criminal activities. With the widespread use of online shopping and internet banking, compromises of this nature can result in significant financial loss, particularly if credit card information or banking details are exposed.
in 2009, four of the top 10 most prevalent malicious threats observed expose confidential information or provide remote access. three of the top 10 new threats directly expose information, while four are staged downloaders that might also expose information, depending on the downloaded components. Operators in the underground economy use these malicious threats to gain access to banking and credit card information, online credentials, and to target specific enterprises.
Within the enterprise, the exposure of confidential information can lead to significant data loss. if it involves customer-related data such as credit card information, customer confidence in the enterprise can be severely undermined. Moreover, it can also violate local laws. Sensitive corporate information, including financial details, business plans, and proprietary technologies could also be leaked from compromised computers.
h t t p : / / e v a l . s y m a n t e c . c o m / m k t g i n f o / e n t e r p r i s e / w h i t e _ p a p e r s / b - w h i t e p a p e r _ i n t e r n e t _ s e c u r i t y _ t h r e a t _ r e p o r t _ x i v _ 0 4 - 2 0 0 9 . e n - u s . p d f : p . 1 9