According to Symantec's biannual Internet security threat report released on Wednesday, China topped the Asia-Pacific region, including Japan, in malicious activity, producing the most malicious code, spam zombies, bots and attacks between January 1 and June 30.
China's bot-infected computers made up 78 percent of those in the region. Taiwan had the next highest number of bots, but only at 7 percent.
China'scan be attributed to its high rate of counterfeit software.
Noting that the majority of China's Windows users use counterfeit versions, Ooi Szu Khiam, a senior security consultant at Symantec Singapore, said during a press briefing: "If you don't have a genuine version, you can't register for patches, and those who don't patch their systems are open to a growing number of exploits."
Ooi added that users become "sitting ducks" as they leave themselves open to malicious attacks by not applying security patches.
Offering another reason for China's vulnerability, Ooi said: "Resources to build infrastructure is finite, so not enough spending may be directed to securing the networks."
Building a proper security system requires a "multiple and mutually supportive defensive system," Ooi said. A security system needs to be secured at all points, including the ISP, network and device.
The amount of spam originating from China, which makes up 25 percent of APJ-originating spam, puts China at the top of the list, Ooi said, noting that this volume is driven largely by the vast number of botnets and spam zombies.
"All you need to do is install a spam plug-in for your botnet, and the botnet is in action," he said. "Many bots are designed to be used mainly to send spam."
Victoria Ho of ZDNet Australia reported from Sydney.