US-based IP addresses created the most cyber-attacks in three years

Cyber-attacks from US-based IP addresses have reached the highest point in the last three years.

According to the NTT 2016 Global Threat Intelligence Report, 65 percent of attacks across 217 countries came from US IP addresses in 2015. During 2013, 49 percent of cyber-attacks originated in the US and in 2014, the number grew to 56 percent. In 2015, security threats were collected from 8,000 clients of the NTT Group including Dimension Data, Solutionary, NTT Com Security and more.

A significant number of the detected attacks target US organisations, so attackers usually host attacks in the same geographic area as their victims, reducing the chances of geolocation blocking or alerting.

In 2015, the UK became the number one source of non-US based cyber-attacks. The number of attacks from UK-based addresses rose from three percent in 2014 to five percent in 2015.

The report also indicates that cyber-criminals are adopting low-cost, highly available, and geographically strategic infrastructure to carry out malicious activities.

“The US serves as a major source of hostile activity, due to the ease of provisioning and low cost of US cloud hosting services,” says Matthew Gyde, Dimension Data's group executive – security. “While the source IP address is based in the US, the actual attacker could be anywhere in the world. Because of the ease with which attackers can disguise their IP addresses, attack sources can often be more indicative of the country in which the target is located, or perhaps of where the attacker is able to compromise or lease servers, rather than where the attack actually originates.”