China & U.S.Top the List of Cyber-Attack Sources

By Maggie O'Neill Print this article Print

This report offers insights into cyber-threats from around the world, including countries where the most attacks originate and nations that are most targeted.

The source for the greatest volume of cyber-attacks is China, followed by the United States, Saudi Arabia and Germany, according to the "Global Perspective" report from Norse, a provider of security solutions and attack intelligence. Other countries high on the source-of-attacks list include the Russian Federation, the Netherlands, France, Brazil, Turkey and Taiwan.

However, the most significant source of attacks, when population size in taken into account, is Iceland. And the Netherlands and Saudi Arabia are the only two countries to make the top 10 source-of-attacks list by both volume and population size.

Meanwhile, the most significant attack targets by volume are the U.S., the United Arab Emirates, Saudi Arabia and Germany. This makes the U.S. the second highest source of attacks by volume and also the highest target of attacks by volume.

The surprising part of the report in regard to the United States, according to Brian Contos, senior vice president and chief security strategist at Norse, is that while the country has a pretty large Internet footprint, a lot of the attacks that originate from inside the U.S. actually come from devices that have been compromised by groups outside of the country.

"We're kind of punching ourselves in the head," he says. "They are essentially using [our devices] to attack ourselves."

Higher Volume, Less Sophisticated Attacks

Another intriguing finding of the report, according to Contos, is that while a higher volume of attacks come out of Asia, those attacks are fairly basic. That's in contrast with the highly targeted, well-thought-out attacks that appear to emanate from Eastern Europe.

"That said, there is definitely a higher volume coming out of Asia, but a higher sophistication is coming out of Eastern European countries," he says.

Another interesting component to the Norse report is Liechtenstein's role as a top target. The country, bordered to the south and west by Switzerland, was identified by Norse as the top target for attacks based on population. In other words, Liechtenstein is targeted 2,076 times more than expected based on the user population.

However, the finding may be explainable by the fact that the country is centrally located, has a strong economy and infrastructure, and is a significant disseminator of media. This means that there is high traffic and high-speed Internet connections.

Contos also points out that a data about attacks and threats becomes most useful when it is put in context. In other words, the more context that companies have about attacks and threats—including where they are most likely to come from—the more likely they are to be able to address and prevent them.

"Security is becoming a game of context," he concludes.

This article was originally published on 2016-02-08
Maggie O’Neill has worked as a hard news reporter for more than 10 years for papers in Northern Nevada.
eWeek eWeek

Have the latest technology news and resources emailed to you everyday.