Skip to main content

U.S. Leads Spam, but China Leads Malware

Internet security firm Sophos has released its annual Security Threat Report (PDF, registration required), and finds that during 2006 the United States retained its title as the source of more spam than any other nation on earth, accounting for some 22 percent of the spam Sophos’ services intercepted during the year. However, China was an up-and-comer, accounting for 15.9 percent of the spam sent during the year, and South Korea made a heft contribution at 7.4 percent. Sophos also calculated some some 90 percent of all spam on the Internet during 2006 was distributed via so-called zombie computer: machined hijacked by worms and Trojan horse software and under the clandestine control of spammers, scam artists, or criminal enterprises.

But China distinguished itself in another way: computers in that populous nation were the source for more malware than any other nation on earth. Many experts see China retaining the top spot for some time to come, since the country’s population of Internet users is expected to outnumber those in the United States within the next two or three years. China had 137 million Internet users by the end of 2006, according to the China Daily, an increase of 23 percent over 2005; in comparison, the U.S. government estimated 210 million of the U.S. 300 million citizens use the Internet. If China maintains its current growth rate, the total number of Chinese Internet users may surpass that of the United States in 2009 or 2010.

Recommended Videos

According to IronPort Systems, some 25 percent of total spam volume in October 2006 was “image spam,” where the content of a spam message is embedded in a graphic image rather than presented as straight text or HTML which can be profiled and filtered by mail servers. That’s an increase of 421 percent over October 2005, where image spam accounted for just 2.8 percent of all spam.

Sophos predicts that 2007 will actually see a shift away from email-based security threats and worms, with online attackers increasingly looking to exploit “Web 2.0” capabilities via social networking sites, streaming media, and file sharing services. However, for the time being, scammers’ targets are likely to remain largely centered on the population of U.S. Internet users and users of popular online commerce and transaction services: some 75 percent of all phishing email messages sent during 2006 targeted PayPal or eBay users.

Geoff Duncan
Former Digital Trends Contributor
Geoff Duncan writes, programs, edits, plays music, and delights in making software misbehave. He's probably the only member…
Email typo misdirects millions of U.S. military messages to Mali
nhs email gaffe button

A simple typo has caused millions of U.S. military emails to be misdirected to Mali over the last decade, the Financial Times (FT) reported on Monday.

The emails can sometimes include highly sensitive data such as diplomatic documents, tax returns, passwords, and travel information linked to leading military officers, the report said.

Read more
Chinese hackers targeting critical U.S. infrastructure, Microsoft warns
chinese hackers caught targeting vital us infrastructure china flags

State-sponsored hackers based in China have been working to compromise critical infrastructure in the U.S., Microsoft said on Wednesday. It’s thought the attacks could lead to the disruption of important communications between the U.S. and its interests in Asia during future crises.

Notable target sites include Guam, a small island in the Pacific with an important U.S. army base that could play an important role in any clash with China over Taiwan.

Read more
As ransomware hits this U.S. hospital, lives could be at risk
The CommonSpirit Health’s logo appears over the silhouette of a hacker.

A large U.S. hospital chain has been suffering from a serious security breach that has led to its computer records being taken offline. What seems to be a ransomware attack could be affecting the quality of health care provided, possibly even putting lives at risk.
According to the industry-focused news site HealthCareDive, the attack was described as an IT incident by CommonSpirit Health and reported on October 3, 2022. This is a huge hospital chain with 1,000 care sites and 140 hospitals nationwide so thousands of patients are affected. The current solution, according to a statement on CommonSpirit Health’s website, has been to take certain systems offline.

Like the rest of us, doctors and nurses are accustomed to the technology of the 21st century and have come to rely on computer records to take care of patients, plan care options, and organize data. Reverting to paper in an already hectic healthcare system must make the job torturous. We'll never know how many critical details slip through the cracks during a busy day.

Read more