60 However, these figures do not necessarily imply that the damage caused by the
malicious code and hacking incident is also increased or decreased. Current trend shows that the attacks are targeting more narrowed scope and specific victim
rather than the anonymous majority, and the victims can be vary from individuals to corporations. Therefore, figuring out the overall damage caused by those
incidents is getting more difficult, as the attacks are evolving in its aspect and methodology.
2.2. WormVirus
Throughout the year 2008, the number of wormvirus reported to KrCERTCC is 8,469, which is 41.2 increase compared with that of the last year 5,996 in 2007.
This is mainly due to the fact that we have seen the increase of the malware such as ONLINEGAMEHACK, KORGAMEHACK, which has been distributed for
stealing credential information for using in certain online games. These malwares have been continuously increased that the number of cases was 1,060 in year
2007 and 1,895 in 2008.
2.3. Hacking Incident
The total number of reports on hacking incident in year 2008 is 15,940. Among the reports on hacking incident, spam relay 6,490 takes 40.7 and it has been
decreased 44 than that of the year 2007 11,668.
61 Internet incidents reported to KrCERTCC in 2008
The number of Phishing hosts 1,163 is increased compared with that of the last year 1,095. The number of webpage defacement is 2,204 and others 2,908. The
number of intrusion attempt 3,175 is decreased compared with that of the last year 4,316.
Simple and traditional hacking incidents such as webpage defacement, spam relay are decreasing, but takes quite a portion in the entire number of incidents,
taking over a half together. On the other hand, phishing and others are increased, as the trend goes to seeking the financial gain, and it may reflect the fact that the
attacks directly seeking the financial gain are increasing, and the attacks are getting diverse, making the traditional method of categorizing less meaningful.
The number of reports on phishing is somewhat increased, showing steady growth in recent years. This trend shows seeking the financial gain will not be
easily abandoned by the hackers or fraudsters. Recent years are told that several user-friendly phishing tool kits in the wild, which makes more acceleration on the
trend. Financial institutions are always the most targeting sector in phishing. The problem is that, in Korea, only a combination of two credentials of persons real
name and resident ID number can be used for stealing the individual proprietary.
2.4. Efforts to reduce malware embedded websites