Antipodean hacker activity on the rise

An internet security report released by anti-virus vendor Symantec has revealed that Australia has joined the ranks of international hacker sources.

Ranked fifth amongst the top originating countries, excluding worm-type strikes, Australia was the only new entry to the ranks tabled from hacker activity in the six months from July to December 2003.

However, the report notes that although the statistics are accurate in that they trace back to the last IP address from which the attack was launched, the origin may not be the attackers' own system.

Systems engineer director for Symantec Asia Pacific, Tim Hartman, said he believes a lot of the recorded hacker activity has emanated from overseas, using Australia as its launch point.

"The most likely cause [for the rise in Australian hacker activity] is that the computers infected in Australia are staging points for other hackers overseas," said Hartman, adding that the main problem with viruses in Australia is that users are not bothering to protect against them.

"People in Australia haven't been diligent in installing patches or using anti-virus protection, we think there are many un-patched machines out there that aren't being looked after by their users" Hartman said.

Australia's proportion of hacker activity is three per cent of the total amount, which pales in comparison to the US with the lions' share at 58 per cent.

The report states the US has dominated over the two previous six-month periods as having the highest percent of hacker activity. However, the country rates fourth in hacker activity per internet capita statistics.

According to Symantec, the US has one of the highest internet populations, thus accounting for its dominant position in overall attack rates, yet the country is superseded by Canada, Kuwait and Ireland in number of attacks per 100,000 users.

Australia ranks tenth in the attacks per internet capita statistics, with an average of 4,251 attacks estimated per 100,000 users.

Hartman said potential hacker activity, such as network "scanning" for system vulnerabilities is significantly increased during school holidays, suggesting that Australia can expect a lot more hacker activity with the maturing of the next generation.

"The whole world can expect more hackers in the future, it’s the natural organic growth of the industry," said Hartman.

The results of the report also indicate that most hacking systems favour targets within the same geographic locations as their launch origin, with the exception of South Korea; which was the only country in the top 10 ranks to prefer overseas attacks, favouring Australian and North American targets above its own region.

Hartman said the geographic locality is the most probable reason for the South Korea's focus on Australia. He said the most popular avenues for attack in Australia are home computer users and small to medium business systems.

"Larger companies usually have IT departments to manage virus attacks, but the small to medium size business just install an anti-virus {product] and think they can let it go at that, making them an easy target," said Hartman.

Abby Dinham writes for ZDNet Australia. For more news from ZDNet Australia click here