Websense Study Claims Canada Next Hotbed for Cybercrime Web Hosting Activity

Published: 2011-05-14
Last Updated: 2011-05-14 01:54:44 UTC
by Guy Bruneau (Version: 1)
2 comment(s)

According to Websense, Canada has been seen as a prime target to move cybercrime operations into their network infrastructure. Here is a summary of Patrik Runald's blog and the complete post can be found here.

Jump in Hosted Phishing Sites - A 319% increase in the last year. The various site locations are shown here.
Increase in Bot Networks – Over the past 8 months, a 53% increase of bot Command and Control (C&C). When compared to the U.S., France, Germany and China, Canada is now 2nd for hosting bot networks.
Malicious Websites - Websense noticed a decline of malicious website, however, this decline is moving at a much slower pace in Canada
Overall Increase in Cybercrime - In the 2010 Websense Threat Report, Canada was #13 and is now #6 in 2011.

Have you noticed an increase in cybercrime activity from web servers hosted in Canada?

[1] http://community.websense.com/blogs/websense-insights/archive/2011/05/05/the-next-hotbed-of-cyber-crime-activity-is-canada.aspx
[2] http://www.websense.com/content/threat-report-2010-introduction.aspx?cmpid=prblog


Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu

2 comment(s)


Could this have anything with savvis.net blocking access to my server from Europe. (All other access also appears to be blocked.) Staring about the time this posting came out my network block started being routed to trl-pos-0-3-2-0.chicago.savvis.net [] and no further. Attempts to contact both savvis.net and my ISP have been unsuccessful.
I am happy to report the problem has been traced to a broken line drop. Timing was co-incidental with the posting. It appears my ISP entirely stopped routing my netblock when the connection went down. savvis.net being the next hop back was the last reachable address. I will be following up when I return from Europe.

Diary Archives