News

China no longer top source of cyber attacks

Warwick Ashford

Indonesia has overtaken China as the top source of cyber attacks, according to the latest study of internet traffic from content delivery firm Akamai.

According to the firm’s State of the internet report,

Requires Free Membership to View

Indonesia’s share of observed attack traffic in the second quarter of 2013 increased to 38%, pushing China into second place with a 33% share.

However, the report points out that its methodology captures the source IP address of an observed attack and cannot determine attribution of an attacker.

The report said ports 80 and 443 were the most commonly targeted ports, accounting for 41% of observed attacks combined.

Port 445, the perennial top target, fell from first place for the first time since the first quarter of 2008, dropping to 15% of observed attacks.

Distributed denial of service (DDoS) attacks also increased in the second quarter, up by 54% compared with the first three months of the year.

Websites and applications in all sectors, across all geographic regions, are potential attack targets

Akamai report

The number of DDoS attacks targeting customers in the enterprise sector nearly doubled in the second quarter, with attacks largely concentrated on customers in the business services and financial services verticals.

However, the report notes that websites and applications in all sectors, across all geographic regions, are potential attack targets.

Of the total DDoS attacks for the second quarter, enterprises made up 42%, followed by the commercial sector (29%), media and entertainment (17%), and high tech (7%).

The public sector experienced the lowest proportion of DDoS attacks, with just 5% of the total for the quarter.

The number of DDoS attacks reported by customers in Asia nearly tripled in the second quarter, while customers in the Americas accounted for nearly two-thirds of all attacks reported to Akamai.

The number of DDoS attacks monitored at over 20Gbps in the first nine months of the year is more than three times greater than for the whole of 2012, a separate report by Arbor Networks revealed.

Despite the business risks of DDoS attacks, a survey published in July by communications firm Neustar found that 20% of UK respondents said their companies had no DDoS protection.

Neustar is to host the first international DDoS awareness event on 23 October 2013.

The online event will bring together law enforcement, security industry and government experts to discuss and share information about DDoS attacks. The event is free to anyone who registers.