Story image

China reigns supreme as Asia's top source - and top target - of DDoS attacks

06 Mar 18

China is continuing its reign as one of the world’s most prevalent cyberattackers, taking the number two rank for the top five source countries for distributed denial of service (DDoS) attacks and being responsible for more than 28 million web application attack alerts.

Akamai’s State of the Internet Q4 2017 report says that China is second only to Germany for the most DDoS attacks, accounting for 28% of attacks. Germany accounted for 30% of attacks, while the United States (8%), Ecuador (3%) and Austria (3%) rounded out the top five.

Most of that DDoS power was directed at the gaming industry (79%), while other services including internet and telecom (6%) and financial services (4%) were also the main targets.

China also ranked third in the world for the number of web application attacks in Q4 2017. It accounted for 7.1% of attacks, or more than 28 million. The United States accounted for 32% of attacks – more than 128 million.

India also featured seventh in the list as a web application attack source country with 4.1% of attacks, or more than 16 million.

Japan featured 13th in the list (more than 6.5 million attacks); Hong Kong at 16th (3.2 million attacks and Australia at 18th (2.5 million attacks.)

China, India, Japan, Australia and Hong Kong also ranked from fifth to tenth respectively in the list of the top 10 target countries for web application attacks.

China was hit by more than 10.6 million attacks. On the other end of the scale, Hong Kong was hit by more than 6 million.

“A key motive of attackers has always been financial profit. In the past few years, we have seen adversaries move to more direct methods to achieve that goal such as ransomware,” comments Martin McKeay, senior security advocate and senior editor of the report.

Akamai believes that cryptocurrency mining will bring chaos for cryptocurrency exchanges in the future.

“Criminals are going to do the same thing that any good businessman does when their market dries up: switch to an adjacent market that has greater potential. We’ve already seen cryptocurrency exchanges be on the receiving end of DDoS attacks. Rather than being part of an extortion campaign though, it’s more likely that these attacks are aimed at frustrating users to get them to move to the attacker’s exchange.”

Bombarding exchanges with attacks could work out to be detrimental for the criminals as genuine investors stop trusting exchanges – essentially killing off criminals’ biggest cash cows.

Instead, Akamai believes criminals will continue to inflate cryptocurrency exchanges and skim profit off some transactions.

“Crypto mining offers attackers the most direct avenue to monetize efforts by putting money immediately into their cryptowallets,” McKeay notes.

SonicWall secures hybrid clouds by simplifying firewall deployment
Once new products are brought online in remote locations, administrators can manage local and distributed networks.
What MSPs can learn from Datto’s Channel Ransomware Report
While there have been less high profile attacks making the headlines, the frequency of attacks is, in fact, increasing.
Cisco expands security capabilities of SD­-WAN portfolio
Until now, SD-­WAN solutions have forced IT to choose between application experience or security.
AlgoSec delivers native security management for Azure Firewall
AlgoSec’s new solution will allow a central management capability for Azure Firewall, Microsoft's new cloud-native firewall-as-a-service.
How to configure your firewall for maximum effectiveness
ManageEngine offers some firewall best practices that can help security admins handle the conundrum of speed vs security.
Exclusive: Why botnets will swarm IoT devices
“What if these nodes were able to make autonomous decisions with minimal supervision, use their collective intelligence to solve problems?”
Why you should leverage a next-gen firewall platform
Through full lifecycle-based threat detection and prevention, organisations are able to manage the entire threat lifecycle without adding additional solutions.
The quid pro quo in the IoT age
Consumer consciousness around data privacy, security and stewardship has increased tenfold in recent years, forcing businesses to make customer privacy a business imperative.