Contrary to popular belief, the majority of malware attacks originate from within the United States.
That's one of the findings from a recent report published by Perimeter E-Security, Milford, Conn., a company that provides security services to financial institutions.
Indeed, Perimeter E-Security found that more than half of all attacks and threats (55.62%) originated from within the United States during the first six months of 2012.
The company, which tracked data from 861 of its financial institution customers, credits the "made in the USA" trend to two likely factors: One, the majority of its customers block traffic to and from non-U.S. IP address ranges. And two, the majority of financial institutions "under scrutiny" are almost all U.S.-based.
The report's data also showed that the number of security incidents steadily increased from January to May, with a slight dip in June; thus, suggesting that threats and attacks are more likely to take place in spring than winter.
In total, 1,619 likely and confirmed compromises were detected during the report's time period. More than half of the company's clients (56%) experienced at least one security incident, the study found.
Though Zeus and SpyEye generally get the most coverage, Perimeter identified the Blackhole exploit kit as accounting for the highest percentage of security incidents (11.80%). Blackhole consists of a collection of malicious web pages that contain exploits for vulnerabilities in versions of Adobe Flash Player, Adobe Reader, Microsoft Data Access Components, and the Oracle Java Runtime Environment. When the attacker installs the kit on a malicious or compromised web server, visitors who don't have the appropriate security updates installed are at risk of infection through a drive-by download attack by, for instance, clicking on a link in an email.
Of all security threats tracked in the report, Perimeter found that Trojan-related infections were the most prevalent.
