More than two thirds of global attack traffic launched from Indonesia and China, report finds

The volume of cyber attacks originating from Indonesia almost doubled in the second quarter of 2013 compared with first-quarter traffic, according to Akamai Technologies’ latest State of the Internet report.

Indonesia pushed China out of the top spot, going from its first-quarter traffic figure of 21% to 38%, while China moved to second place at 33%.

Furthermore, with Indonesia and China originating significantly more observed attack traffic than any other countries, the distribution of this traffic was heavily weighted towards the Asia-Pacific. In the second quarter, the region was responsible for 79% of observed attacks, up from 68% in the first quarter, and 56% in the fourth quarter of 2012.

The number of Distributed Denial of Service (DDoS) attacks reported by Akamai Intelligent Platform customers in Asia, nearly tripled in the second quarter. A DDoS attack is when someone uses multiple computers to prevent a particular computer network from accessing information or services. Such attacks largely concentrated on customers in the business and financial services sector.

Akamai’s product line director, David Belson (pictured), edited the report, which states that the increased attacks in Asia were primarily driven by a continuing series of attacks on a small number of companies within the region. As such, this finding might not represent a long-term change to the distribution of attacks worldwide.

Belson said that Akamai maintained a distributed set of unadvertised agents deployed across the internet who log connection attempts, which the company classified as attack traffic. “Based on the data collected by these agents, Akamai is able to identify the top countries from which attack traffic originates, as well as the top ports targeted by these attacks,” he said. “It is important to note, however, that the originating country as identified by the source IP address may not represent the nation in which an attacker resides.”

The report also provides insight into other key global statistics, such as network connectivity and connection speeds, and broadband adoption and availability. It found that extremely large growth rates in broadband adoption were seen in Indonesia and China, as well as Malaysia and Thailand. “All four countries more than doubled their levels of broadband adoption from the second quarter of 2012,” Belson said. “The most impressive growth rates were seen in Indonesia, which grew by nearly three times year-over-year, and in China, which was up over 500% during the same period.”

Belson said that with the growing number of users online, and as connection speeds improve over time, the importance of security would also grow. “Botnets have grown beyond leveraging end-user systems, to leveraging the massive bandwidth available through compromised servers running software packages with known vulnerabilities, and successful phishing attacks have continued to prove that humans remain the weak link in the security chain,” he said. “In addition, revelations over the last several months indicate that encrypting communications may not provide complete privacy of those communications.

“While there is no silver bullet to address any of these issues in their entirety, ongoing education of users and administrators alike, the practice of good network hygiene (including regularly updating/patching systems), and a healthy level of scepticism, can help to keep things in check.”