Story image

China reigns supreme as Asia's top source - and top target - of DDoS attacks

06 Mar 2018

China is continuing its reign as one of the world’s most prevalent cyberattackers, taking the number two rank for the top five source countries for distributed denial of service (DDoS) attacks and being responsible for more than 28 million web application attack alerts.

Akamai’s State of the Internet Q4 2017 report says that China is second only to Germany for the most DDoS attacks, accounting for 28% of attacks. Germany accounted for 30% of attacks, while the United States (8%), Ecuador (3%) and Austria (3%) rounded out the top five.

Most of that DDoS power was directed at the gaming industry (79%), while other services including internet and telecom (6%) and financial services (4%) were also the main targets.

China also ranked third in the world for the number of web application attacks in Q4 2017. It accounted for 7.1% of attacks, or more than 28 million. The United States accounted for 32% of attacks – more than 128 million.

India also featured seventh in the list as a web application attack source country with 4.1% of attacks, or more than 16 million.

Japan featured 13th in the list (more than 6.5 million attacks); Hong Kong at 16th (3.2 million attacks and Australia at 18th (2.5 million attacks.)

China, India, Japan, Australia and Hong Kong also ranked from fifth to tenth respectively in the list of the top 10 target countries for web application attacks.

China was hit by more than 10.6 million attacks. On the other end of the scale, Hong Kong was hit by more than 6 million.

“A key motive of attackers has always been financial profit. In the past few years, we have seen adversaries move to more direct methods to achieve that goal such as ransomware,” comments Martin McKeay, senior security advocate and senior editor of the report.

Akamai believes that cryptocurrency mining will bring chaos for cryptocurrency exchanges in the future.

“Criminals are going to do the same thing that any good businessman does when their market dries up: switch to an adjacent market that has greater potential. We’ve already seen cryptocurrency exchanges be on the receiving end of DDoS attacks. Rather than being part of an extortion campaign though, it’s more likely that these attacks are aimed at frustrating users to get them to move to the attacker’s exchange.”

Bombarding exchanges with attacks could work out to be detrimental for the criminals as genuine investors stop trusting exchanges – essentially killing off criminals’ biggest cash cows.

Instead, Akamai believes criminals will continue to inflate cryptocurrency exchanges and skim profit off some transactions.

“Crypto mining offers attackers the most direct avenue to monetize efforts by putting money immediately into their cryptowallets,” McKeay notes.

SecOps: Clear opportunities for powerful collaboration
If there’s one thing security and IT ops professionals should do this year, the words ‘team up’ should be top priority.
Interview: Culture and cloud - the battle for cybersecurity
ESET CTO Juraj Malcho talks about the importance of culture in a cybersecurity strategy and the challenges and benefits of a world in the cloud.
Enterprise cloud deployments being exploited by cybercriminals
A new report has revealed a concerning number of enterprises still believe security is the responsibility of the cloud service provider.
Ping Identity Platform updated with new CX and IT automation
The new versions improve the user and administrative experience, while also aiming to meet enterprise needs to operate quickly and purposefully.
Venafi and nCipher Security partner on machine identity protection
Cryptographic keys serve as machine identities and are the foundation of enterprise information technology systems.
Machine learning is a tool and the bad guys are using it
KPMG NZ’s CIO and ESET’s CTO spoke at a recent cybersecurity conference about how machine learning and data analytics are not to be feared, but used.
Seagate: Data trends, opportunities, and challenges at the edge
The development of edge technology and the rise of big data have brought many opportunities for data infrastructure companies to the fore.
Popular Android apps track users and violate Google's policies
Google has reportedly taken action against some of the violators.