Story image

China reigns supreme as Asia's top source - and top target - of DDoS attacks

06 Mar 18

China is continuing its reign as one of the world’s most prevalent cyberattackers, taking the number two rank for the top five source countries for distributed denial of service (DDoS) attacks and being responsible for more than 28 million web application attack alerts.

Akamai’s State of the Internet Q4 2017 report says that China is second only to Germany for the most DDoS attacks, accounting for 28% of attacks. Germany accounted for 30% of attacks, while the United States (8%), Ecuador (3%) and Austria (3%) rounded out the top five.

Most of that DDoS power was directed at the gaming industry (79%), while other services including internet and telecom (6%) and financial services (4%) were also the main targets.

China also ranked third in the world for the number of web application attacks in Q4 2017. It accounted for 7.1% of attacks, or more than 28 million. The United States accounted for 32% of attacks – more than 128 million.

India also featured seventh in the list as a web application attack source country with 4.1% of attacks, or more than 16 million.

Japan featured 13th in the list (more than 6.5 million attacks); Hong Kong at 16th (3.2 million attacks and Australia at 18th (2.5 million attacks.)

China, India, Japan, Australia and Hong Kong also ranked from fifth to tenth respectively in the list of the top 10 target countries for web application attacks.

China was hit by more than 10.6 million attacks. On the other end of the scale, Hong Kong was hit by more than 6 million.

“A key motive of attackers has always been financial profit. In the past few years, we have seen adversaries move to more direct methods to achieve that goal such as ransomware,” comments Martin McKeay, senior security advocate and senior editor of the report.

Akamai believes that cryptocurrency mining will bring chaos for cryptocurrency exchanges in the future.

“Criminals are going to do the same thing that any good businessman does when their market dries up: switch to an adjacent market that has greater potential. We’ve already seen cryptocurrency exchanges be on the receiving end of DDoS attacks. Rather than being part of an extortion campaign though, it’s more likely that these attacks are aimed at frustrating users to get them to move to the attacker’s exchange.”

Bombarding exchanges with attacks could work out to be detrimental for the criminals as genuine investors stop trusting exchanges – essentially killing off criminals’ biggest cash cows.

Instead, Akamai believes criminals will continue to inflate cryptocurrency exchanges and skim profit off some transactions.

“Crypto mining offers attackers the most direct avenue to monetize efforts by putting money immediately into their cryptowallets,” McKeay notes.

Disruption in the supply chain: Why IT resilience is a collective responsibility
"A truly resilient organisation will invest in building strong relationships while the sun shines so they can draw on goodwill when it rains."
Businesses too slow on attack detection – CrowdStrike
The 2018 CrowdStrike Services Cyber Intrusion Casebook reveals IR strategies, lessons learned, and trends derived from more than 200 cases.
What disaster recovery will look like in 2019
“With nearly half of all businesses experiencing an unrecoverable data event in the last three years, current backup solutions are no longer fit for purpose."
Proofpoint launches feature to identify most targeted users
“One of the largest security industry misconceptions is that most cyberattacks target top executives and management.”
McAfee named Leader in Magic Quadrant an eighth time
The company has been once again named as a Leader in the Gartner Magic Quadrant for Security Information and Event Management.
Symantec and Fortinet partner for integration
The partnership will deliver essential security controls across endpoint, network, and cloud environments.
Is Supermicro innocent? 3rd party test finds no malicious hardware
One of the larger scandals within IT circles took place this year with Bloomberg firing shots at Supermicro - now Supermicro is firing back.
25% of malicious emails still make it through to recipients
Popular email security programmes may fail to detect as much as 25% of all emails with malicious or dangerous attachments, a study from Mimecast says.