The internet is becoming increasingly popular with both state and non-state actors as a launchpad for attacks against critical  infrastructure belonging to their enemies. A new McAfee report gives a measure of the preparedness and vulnerability of key infrastructure enterprises.

According to a survey conducted by McAfee, more than half of the world's key infrastructure organizations have been at the receiving end of cyber attacks. Attackers usually trigger outages or try and pilfer precious data. Nearly two-thirds of the survey's 600 respondents – IT executives employed by key organizations - reported an increase in attacks over the past year. But going by the results, the worst is yet to come. Around two-fifths of the respondents apprehend a serious attack in the coming twelve months.

“From public transportation, to energy to telecommunications, these are the systems we depend on every day. An attack on any of these industries could cause widespread economic disruptions, environmental disasters, loss of property and even loss of life,"said McAfee CEO Dave DeWalt.

He fears an attack of the magnitude of the recently discovered Operation Aurora being targeted at critical infrastructure. DeWalt termed Operation Aurora “a watershed moment in cybersecurity.” The attack was recently discovered by Google, which revealed that the attackers used zero-day bugs in Internet Explorer and targeted several other organizations apart from Google. It is said to have emanated from China.

Image Credit: Javno

Security firm McAfee said today that the recent China-based attack on Google and other companies was the result of a new security hole in Internet Explorer. McAfee says the vulnerability is not publicly known, but they have informed Microsoft and expects them to take action soon. So a Microsoft product could be the indirect cause of Google pulling out of China. This must be Microsoft’s favorite software vulnerability ever.

McAfee’s George Kurtz wrote on the companies official blog, “These attacks will look like they come from a trusted source, leading the target to fall for the trap and clicking a link or file. That’s when the exploitation takes place, using the vulnerability in Microsoft’s Internet Explorer." Kurtz was also careful to point out that they have only confirmed that Internet Explorer was a vector of attack; there could have been others.

Further, McAfee says they have cleared Adobe Reader of involvement in the attacks. This comes after several reports implicated the oft exploited software suite.

Facebook just added McAfee to its friends list in a big way by announcing a year-long partnership with the security firm that will allow all 350 million Facebookers to download a six-month subscription to McAfee's security software.

"We have a lot of control over security measures on Facebook. However, we don't control other websites and services you visit that might infect your computer. For this reason, we recommend that you install updated security software, which you can now do at no cost through this partnership," Jake Brill, a project manager for Facebook's integrity team, wrote in a blog.

More than just a marketing promotion, Facebook is actively integrating McAfee into its operations. Should the social networking site detect that your computer has been compromised, you'll be asked to run a scan before accessing the site.

Image Credit: Facebook

With all the promise offered by the Internet, it seems to be evolving instead into a rabbit warren of risk. Can’t step outside your ‘door’ without risking a knife in the ribs. The danger, luckily, isn’t uniform. McAfee, which offers Internet security software, has pieced together a world map identify which countries and which domains are the most risky.

McAfee used its SiteAdvisor technology to crawl the web and test domains for security threats--a total of 27 million domains in all. Overall, McAfee reports that 5.8% of them were a problem. The percentage of risky sites is up over 2007 and 2008, but, McAfee says, because of a change in methodology it’s not possible to say the Internet has become more risky.

The places to avoid? By Top Level Domain (TLD) they are .CM (Cameroon), with a risk factor of 36.7%, .COM (Commercial), 32.3%, .CN (People’s Republic of China), 23.4%, .WS (Samoa), 17.8%, and .INFO (Information), 15.8%. For downloads the worst place to be is .RO (Romania).

The safest places to play on the Internet (and perhaps the least interesting), are .GOV (Government), .JP (Japan), .EDU (Education), .IE (Ireland), and .HR (Croatia).

The Untied States sits toward the top of the risky list, ranked 17th, with a risk ratio of 3.1%.

McAfee also says the likelihood of receiving spam if registering with an email address has dropped from 7.6% to 2.8%. And the percent of sites delivering viruses, spyware or adware has edged down, from 4.7% to 4.5%. (McAfee cautions that this last finding doesn’t mean there are fewer Potentially Unwanted Programs (PUPs) in the tubes, but rather they are getting harder to detect using standard procedures.)

Overall, sites registered in the Americas, Europe, the Middle East, and Africa are relatively safe. Sites registered in the Asia-Pacific region are not.

Image Credit: McAfee

It's the Cold War all over again, only this one's taking place in cyberspace. According to a report by security firm McAfee, there are a growing number of governments all around the globe preparing for potential cyber conflicts with other countries, DailyTech reports.

"There are at least five countries known to be arming themselves for this kind of conflict," McAfee Europe analyst Greg Day told the BBC. "To go to physical war requires billions of dollars. To go to cyber war most people can easily find the resources that could be used in these kinds of attacks."

Targets of such attacks are likely to be a nation's infrastructure, and the U.S., which is known to have an operating manual outlining the rules of cyber engagement, is also known to have used hack attacks alongside ground operations during the Iraq war. The UK, Germany, France, China, and North Korea are the five other countries actively developing their own capabilities.

"In physical warfare it's pretty clear who has which weapon and how they are using them," said Chris Wysopal, chief technology officer at Veracode which advises many governments on security. "In the networked world that attribution is incredibly difficult."

Phishing and worms go together like, well, fishing and worms. But unlike the latter, you're the prey, and it can be particularly dangerous swimming in social networking waters, suggests a new report by Microsoft and McAfee.

The two software makers noted a sizable spike in phishing attacks during the months of May and June, driven in large part by hackers concentrating their efforts on social networking sites. Other popular targets included gaming sites, banking portals, and e-commerce.

While Trojans still topped the charts, Microsoft noted that worms are becoming much more prevalent, rising from fifth place in the second half of last year to now being the second most prevalent category of threats. Much of the rise can attributed to Conficker, which still has most security experts puzzled.

For those still clinging to XP, Microsoft noted that infection rates for Vista were significantly lower than for XP.

Image Credit: serc.carleton.edu