Cyber-Attacks: Where Are They Coming From? And Where Are They Going?

0-Cyber-Attacks: Where Are They Coming From? And Where Are They Going?
1-China Has the Most Malicious IP Addresses, Claims AlienVault
2-Indonesia Is the Top Country for Attack Traffic, Says Akamai
3-Denial-of-Service Attacks Targeting the Americas
4-Most DDoS Attacks Are Less Than 1G bps
5-DDoS Attack Bandwidth Is Growing
6-Most DDoS Attacks Last Less Than 30 Minutes.
7-Port 80 Is the Most Attacked Server Port
8-SSL on Port 443 Is Often Attacked
1 of 9

Cyber-Attacks: Where Are They Coming From? And Where Are They Going?

By Sean Michael Kerner

2 of 9

China Has the Most Malicious IP Addresses, Claims AlienVault

According to AlienVault's latest Open Threat Exchange (OTX) snapshot, China tops the list of countries with the most reported malicious IP addresses.

3 of 9

Indonesia Is the Top Country for Attack Traffic, Says Akamai

In contrast with AlienVault's findings, the second-quarter Akamai "State of the Internet" report found that Indonesia is the top country for attack traffic, with 38 percent of attack traffic originating there. China is second at 33 percent, with the U.S. a distant third at only 6.9 percent.

4 of 9

Denial-of-Service Attacks Targeting the Americas

While attacks can come from any corner of the world, Akamai found that the vast majority of distributed denial-of-service (DDoS) attacks were against organizations in the Americas.

5 of 9

Most DDoS Attacks Are Less Than 1G bps

According to the third-quarter 2013 attack report from Arbor Networks, most DDoS attacks consume less than 1G bps of attack bandwidth.

6 of 9

DDoS Attack Bandwidth Is Growing

Although attacks of less 1G bps currently represent the majority of DDoS attacks, larger bandwidth attacks are growing. According to Arbor Networks, attacks of between 2G and 10G bps now represent 37 percent of all DDoS attacks.

7 of 9

Most DDoS Attacks Last Less Than 30 Minutes.

According to Arbor Networks, the majority of DDoS attacks are short-lived, lasting 30 minutes or less in duration.

8 of 9

Port 80 Is the Most Attacked Server Port

It should come as no surprise that Port 80 is identified by Arbor Networks as being the most attacked server port. Port 80 is the primary operating system port used for all Web traffic on devices and servers. When it comes to the most attacked ports after Port 80, other vendors have different views.

9 of 9

SSL on Port 443 Is Often Attacked

As is the case with the Arbor Networks data, Akamai's "State of the Internet" report also found Port 80 to be the most attacked port. The Akamai report found that Port 443, which is used for Secure Sockets Layer (SSL) encryption, is the second most attacked port.

Top White Papers and Webcasts