Cybercriminals look to infect Australian computers because the country is considered “safe”.
Australia is emerging as a major conduit for targeted cyber attacks, a report shows, as online criminals shift their gaze towards Asia.
The country has become the main location of so-called “command and control” servers, which are used by cybercriminals when they attack governments and businesses.
According to a report by cyber security firm Trend Micro, 32 per cent of targeted attacks in the second quarter of 2013 involved a command and control server located in Australia.
Second-placed South Korea had 15 per cent, while Germany had 9 per cent
The servers are infected computers which act as a kind of middle-man in cyberattacks, said Jonathan Oliver, a software architect at Trend Micro.
The criminals first infect Australian computers with malware via spam emails and other common pathways.
This turns the computer into a command and control server, which unbeknownst to the user establishes an internet link with the actual target.
Sensitive information is fed back to the command and control server, and then back to the cybercriminals.
Australia had become a deeply sought-after server location as cybercriminals increasingly look to target Asian governments and businesses, Oliver said.
Cybercriminals look to infect Australian computers because the country is considered “safe”, he said.
If a government or business sees that their computer has linked with an internet address in Australia, they are less suspicious than if it came from Russia, China or other known cybercriminal hotspots, Oliver said.
“What the cybercriminals are hoping is that no one will notice this connection, and it won’t look that suspicious,” he said.
They’re trying to fly under the radar.”