China no longer lead cyber attacker

News by Tim Ring

Indonesia has overtaken China as the world's worst source of cyber attacks, according to a new study of internet traffic, as the number of DDoS attacks rise sharply.

But China's let-off might be short-lived as report author Akamai admitted “the attackers themselves are not always necessarily based in these countries” - and the Asia-Pacific region was still responsible for around four-fifths of all attack traffic in the second quarter of 2013.

Attacks coming from Indonesia nearly doubled in a single quarter, rising to 38 per cent of the total, and pushing China down to second place with 33 per cent. Attacks from the US continued to fall, to 6.9 per cent.

Meanwhile, those surveyed reported being targeted by 318 DDoS attacks last quarter, 54 per cent up on the previous quarter. The DDoS attacks on companies were mainly directed at business services and financial services firms.

Report author David Belson said that people's biggest vulnerabilities “can often be content management systems and scripting languages, some of which have well-publicised holes”.

The report also focuses on attacks from the Syrian Electronic Army (SEA) hacktivist group who spread propaganda about the regime of Syrian President Bashar al-Assad.

The report logs the SEA's notorious attack on the Associated Press's Twitter feed, planting a false story about a White House bombing that wiped £85 billion off its value on the Dow Jones Industrial Average in just 90 seconds.

The SEA also claimed attacks against other media sites including the Guardian, Financial Times and the Onion.

The report notes: “In each of these attacks, the tactics used were extremely similar. The attacker launched a spear-phishing attack against the target and was able to compromise at least one internal email account. Using that account, further attacks were launched, until the attackers were able to collect credentials that provided access to Twitter feeds, RSS feeds or other sensitive information.”

The ‘State of the Internet' tracks traffic from around 750 million internet ports. It logged attacks from IP addresses in 175 separate countries/regions. Despite that, attacks continued to become more concentrated, with the top 10 ports responsible for 82 per cent of all observed attacks.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews