Cyber criminals on the prowl Image Credit: Gulf News

Dubai:Internet users, whether companies, government organisations or home-based users, have been warned to stay well protected against cyber criminals who are increasingly creating havoc to steal personal information with financial gain as the key motivator.

The warning aired by Mark Chaban, security and piracy director of Microsoft Middle East and Africa, follows the recent security intelligence report volume 8 by Microsoft which provides compelling evidence that cyber criminals are becoming more sophisticated and packaging online threats to create, update and maintain exploit kits that are sold to others to deploy.

"By bringing out this report, our aim at Microsoft is to share our extensive analysis of the threat landscape and related guidance with our customers, partners and the broader industry, helping ensure people are better informed and in turn protected," Chaban told Gulf News in an interview.

The Gulf countries had infection rates (CCM) ranging from 5.4 to 15.5 in the second half of last year compared to 6.2 to 20.8 in the first half of last year.

CCM is the number of computers cleaned for every 1,000 executions.

Worst affected

In the second half of last year, Bahrain was the worst affected with 15.5, followed by Saudi Arabia with 13, Kuwait with 9.3, Oman with 6.1, UAE with 5.8 and Qatar with 5.4 computers cleaned for every 1,000 executions.

In the first half of last year, Saudi Arabia was the worst affected with 20.8, followed by Bahrain with 9.3, Oman with 7.9, Kuwait with 7.7, Qatar with 6.8 and UAE with 6.2 computers cleaned for every 1,000 executions.

Among the top 10 counties with the highest infection rates by CCM, Saudi Arabia is placed at seventh and Turkey leads with 20.

Chaban said that if you want to reduce your risk profile and protect your PC, you would need to keep all of the software up-to-date (including third-party software); update to the latest version of software, if possible; and run an up-to-date antivirus product from a trusted vendor.

Patterns of threat and infection change constantly. Making security decisions can be a lengthy, complex process, requiring risk-management assessments based on real data and analysis, he said.

Chaban added that the threat landscape in the UAE was dominated by malware, which accounted for 82.6 per cent of all threats detected on infected computers in the second half of last year.

The most common category in the UAE was worms, which accounted for 23.3 per cent of all infected computers. The second-most common category was Miscellaneous Trojans, which includes all trojan families that are not classified as downloaders/droppers or backdoors, and accounted for 21.2 per cent of all infected computers.

He said together, miscellaneous Trojans, trojan downloaders and droppers made up over 37 per cent of all families detected on infected computers in the UAE.

The report shows that three of the top five families detected on infected computers in the UAE in second half (and six of the top 20 families) were worms.

These worm families can spread via mapped drives with missing or weak passwords or via USB drives.

Win32/C2Lop was significantly more prevalent in the UAE than it was worldwide. Win32/C2Lop, a trojan that modifies Web browser settings and delivers contextual and pop-up advertisements, was the third-most prevalent family during second half, but it was only twenty-third-most prevalent worldwide.

Add ons

Win32/C2Lop may be distributed in a software package called MessengerPlus!, an add-on for Windows Live Messenger.

Win32/SeekmoSearchAssistant was the eleventh-most detected family on computers in the UAE, but it was not present in the top 25 families detected worldwide.

Win32/Ardamax, the thirteenth-most prevalent family detected does not appear in the top 25 families detected worldwide.

According to the report, Windows 7 and Windows Vista with Service Pack 2 have the lowest infection rate of any platform.

The 64-bit versions of Windows 7 and Windows Vista SP2 had lower infection rates than any other operating system configuration, and the 32-bit versions both had infection rates that were less than half of Windows XP with its most up-to-date service pack, SP3.

The infection rate for Windows XP with SP3 is less than half of that for SP2, and less than a third of that for SP1.

Similarly, Windows Vista SP2 has a lower infection rate than SP1, which has a lower infection rate than Windows Vista RTM.

He urged users to install service packs to maintain their computers better than users who do not install service packs and therefore may also be more cautious while using the internet, opening attachments, and engaging in other activities that can open computers to attack.

Windows' support and software updates

  • On April 13, 2010, Windows Vista RTM reached end of support. Installation of Windows Vista SP1 (SP2 is recommended) is required to continue receiving support and new updates.
  • On July 13, 2010, Windows XP SP2 will reach end of support. Installation of Windows XP SP3 is required to continue receiving support and new updates.
  • On July 13, 2010, Windows 2000 will transition from extended support to end of life. Customers will need to migrate to a supported operating system to continue getting new updates and support.
  • On July 13, 2010, Windows Server 2003 will transition from mainstream support to extended Support. Customers will need to pay for incident support and hotfix services or migrate to a supported operating system. Security updates are offered in extended support.