 "India third most attacked nation by Zeus malware: Websense")
India was the third most affected country in 2013 to be attacked by the notorious Zeus malware that is used to steal sensitive data from industries like finance, government, manufacturing and services, security solutions firm Websense said.
Zeus is a malware that runs on PCs running versions of Microsoft Windows operating system. While it can carry out many malicious and criminal tasks, it is often used to steal banking information by keystroke logging and form grabbing.
It is also used to install CryptoLocker ransomware, which locks access to the computer unless a fee (usually is paid to the hacker by the user.
India followed the US and the UK, in terms of attacks based on geographic location, Websense said in its 2014 Threat Report.
Other countries in the list included Canada, Brazil, Australia, Mexico, Italy, France and Turkey, it added.
While services was the most attacked vertical, manufacturing, finance and government sectors followed closely on the list.
Other target sectors included communications, education, retail, healthcare, transportation and utilities.
Zeus is spread mainly through drive-by downloads and phishing schemes.
"Originally designed as a financial threat, the Zeus malware was repurposed in 2013 for other vertical market objectives, from widely distributed attack sources," Websense said.
Zeus started attacking systems sometime in 2006 and in June 2009, security company Prevx estimated that Zeus had compromised over 74,000 FTP accounts on websites of companies like Bank of America, NASA, Monster.Com, ABC, Oracle, Cisco, Amazon and BusinessWeek.
The report said the attack ecosystem -- along with actors, their motivations and techniques used -- continue to grow in number, complexity and sophistication.
"As the attack ecosystem grows in scope, it is getting increasingly difficult to attribute the source of an attack. Many experts and organizations claim to be able to pinpoint the source of an attack, but it is rarely that easy or straightforward," it added.
This is exemplified in the Zeus attack with the reusing of attack components, compromising of websites and using numerous redirections that all serve to thwart identification of sources, it said.
Zeus is a malware that runs on PCs running versions of Microsoft Windows operating system. While it can carry out many malicious and criminal tasks, it is often used to steal banking information by keystroke logging and form grabbing.
It is also used to install CryptoLocker ransomware, which locks access to the computer unless a fee (usually is paid to the hacker by the user.
India followed the US and the UK, in terms of attacks based on geographic location, Websense said in its 2014 Threat Report.
Other countries in the list included Canada, Brazil, Australia, Mexico, Italy, France and Turkey, it added.
While services was the most attacked vertical, manufacturing, finance and government sectors followed closely on the list.
Other target sectors included communications, education, retail, healthcare, transportation and utilities.
Zeus is spread mainly through drive-by downloads and phishing schemes.
"Originally designed as a financial threat, the Zeus malware was repurposed in 2013 for other vertical market objectives, from widely distributed attack sources," Websense said.
Zeus started attacking systems sometime in 2006 and in June 2009, security company Prevx estimated that Zeus had compromised over 74,000 FTP accounts on websites of companies like Bank of America, NASA, Monster.Com, ABC, Oracle, Cisco, Amazon and BusinessWeek.
The report said the attack ecosystem -- along with actors, their motivations and techniques used -- continue to grow in number, complexity and sophistication.
"As the attack ecosystem grows in scope, it is getting increasingly difficult to attribute the source of an attack. Many experts and organizations claim to be able to pinpoint the source of an attack, but it is rarely that easy or straightforward," it added.
This is exemplified in the Zeus attack with the reusing of attack components, compromising of websites and using numerous redirections that all serve to thwart identification of sources, it said.
You’ve reached your limit of {{free_limit}} free articles this month.
Subscribe now for unlimited access.
Already subscribed? Log in
Subscribe to read the full story →*Subscribe to Business Standard digital and get complimentary access to The New York Times
Smart Quarterly
₹900
3 Months
₹300/Month
SAVE 25%
Smart Essential
₹2,700
1 Year
₹225/Month
SAVE 46%
*Complimentary New York Times access for the 2nd year will be given after 12 months
Super Saver
₹3,900
2 Years
₹162/Month
Subscribe
Renews automatically, cancel anytime
Here’s what’s included in our digital subscription plans
Exclusive premium stories online
Over 30 premium stories daily, handpicked by our editors
Complimentary Access to The New York Times
News, Games, Cooking, Audio, Wirecutter & The Athletic
Business Standard Epaper
Digital replica of our daily newspaper — with options to read, save, and share
Curated Newsletters
Insights on markets, finance, politics, tech, and more delivered to your inbox
Market Analysis & Investment Insights
In-depth market analysis & insights with access to The Smart Investor
Archives
Repository of articles and publications dating back to 1997
Ad-free Reading
Uninterrupted reading experience with no advertisements
Seamless Access Across All Devices
Access Business Standard across devices — mobile, tablet, or PC, via web or app
SAVE 25%