China behind 85 per cent of all phishing attacks globally

Martyn Warwick
By Martyn Warwick

Dec 15, 2014

via Flickr © Mihnea Stanciu (CC BY 2.0)

via Flickr © Mihnea Stanciu (CC BY 2.0)

North Korea may be masterminding the ongoing attack on Sony Pictures Entertainment but it is no more than a minor sideshow. The real damage is being done from within the People's Republic of China.

Sony Pictures Entertainment is squirming with well-merited embarrassment as yet more leaked emails show that the machinations of Hollywood's movie studio executives are even more cringe-makingly poisonous, venal and adolescent than even the seasoned cynics at Variety might have imagined.

It's impossible to feel any sympathy for self-serving senior executives as tranche after tranche of excruciating revelations hits the web and eat their way through years of carefully constructed PR superstructure, which, it is being demonstrated, is so flimsy that it has about as much substance as a cardboard tank built on the back-lot.

The hackers, who call themselves the "Guardians of Peace", have promised more reputation-shredding bombshells in a "Christmas gift that will put Sony Pictures into the worst possible state."

And why is Sony being subjected to this onslaught? Well, it is rumoured that Kim Rong Un, the dictator of North Korea and those members of his dwindling cabal of family members that have not yet been executed for capital crimes such as using Rong Un's ashtray without permission, are deeply unhappy that Sony dared to make the film, "The Interview", which is about a group of CIA agents posing as journalists in a plot to assassinate the 'dear leader'. This, North Korea claims, is an "act of war" and that "ruthless retaliation" will result.

Then came the attacks on Sony and on Friday last Friday, Mike Rogers, the Chairman of the House Intelligence Committee of the US said "indications are that the North Korean regime is the source of the damaging cyberattack on the Sony Pictures studio."

Thus it seems that Sony Pictures Entertainment may have riled the Rong Un into a hugely damaging hack attack. As might be expected, the regime denies any involvement, opining that "righteous sympathisers" outside the country may have spontaneously clubbed together to bring Sony to its knees.

Apple the most hacked company on earth. PayPal is second. Taobao the runner-up.

So, North Korea and its undoubted state-sponsored ability to conduct cyber warfare is in the frame and in the spotlight, but a new report shows that the real problem lies across the regime's northern borders. According to research published in the latest report from the Anti-Phishing Working Group (APWG) The People's Republic of China was directly responsible for 85 per cent of the world's phishing scams over the first half of 2014.

Meanwhile, and in support of the APWG, research collated and analysed in 'Global Phishing Survey, 1H 2014: Trends and Domain Name Use report concludes there were, at the minimum, 123,741 unique phishing attacks worldwide between January and June this year. The attacks hit 87,901 unique domain names, of which 22,679 were found to have been registered maliciously, mostly by Chinese phishers. The other 59,485 domains were almost all hacked or compromised domains.

Phishers expend most of their time and effort in attacking Apple. It suffered m 21,951 attempted hackings - or 17.7 per cent of all attacks. PayPal came next with 17,811 attacks, equivalent to 14.4 per cent of all cyber attacks. Third in order of phishing popularity is the Chinese online shopping site, It faced16,418 attacks, or 13.2 per cent of the total.

It seems that the introduction of new top-level domains (TLDs) has not had any marked effects on the incidence of phishing. Attacks occurred in 227 TLDs, but 90 per cent of the malicious domain registrations (numbering 20,565) were in just five domains: .com, .tk, .pw, .cf., and .net. However, the new generic Top-Level Domains. including .agency, .center and .company were subject to phishing attacks over the first half of 2014.

Fortunately, defence against and aggressive reaction to such attacks is improving. The average uptime of a major phishing attack is now thirty-two and a half hours, but that is still far too long to prevent huge damage - as Sony and others can ruefully attest - and the Christmas and New year period are the ideal (and peak) times for phishing attacks to be perpetrated.

Email Newsletters

Sign up to receive TelecomTV's top news and videos, plus exclusive subscriber-only content direct to your inbox.