China is the 'world's biggest cybercrime victim'

China is the world's biggest victim of cybercrime according to the nation's Computer Emergency Response Team (CNCERT). 

The CERT said some 8.9 million computers in China were attacked by 47,000 foreign IP addresses according to its 2011 Internet Security Perception Report (pdf).

Most attacks had originated from computers in the United States, Japan and South Korea, however those computers may form part of botnets meaning perpetrators could be located elsewhere.

"China has become the world's biggest victim of cyber attacks," CNCERT senior engineer Zhou Yonglin told China's People's Daily.

Foreign hackers had compromised 1116 Chinese web sites, according to the report, while 95.8 per cent of phishing websites that targeted Chinese domestic banks were from overseas attackers.

The number of phishing sites targeting Chinese organisations had nearly tripled compared to 2010.

More than 100 vulnerabilities were reported in China's National Vulnerability Database affecting industrial systems, a 10 fold increase since 2010 according to CNCERT.

The CERT also reported some 6249 malicious mobile programs were discovered in 2011, more than double that found the year earlier.

But CNCERT said there were no major network security incidents, adding that attacks against government web sites had reduced.

Sophos senior security advisor Chester Wisniewski criticised the claim that China was the largest victim of cybercrime.

"At SophosLabs we detect more than 20,000 new infected URLs, not to mention receiving more than 100,000 new malicious code samples every single day," Wisniewski said. "Compare this to 1116 Chinese websites 'tampered with by overseas-based hackers' last year."

He pointed to a CNCERT weekly report that indicates 90 per cent of infected Chinese computers contained the Conficker worm.  

Copyright © SC Magazine, Australia