Akamai: In Q3 2012 over 50% of Cyberattack Traffic Originated in China, US and Russia
The security firm has released its State of the Internet report
Security firm Akamai has released its State of the Internet report for the third quarter of 2012. Besides global statistics on attack traffic, connection speeds and mobile connectivity, the paper also details Operation Ababil, the campaign initiated by Izz ad-Din al-Qassam Cyber Fighters against US banks.According to Akamai, in the third quarter of 2012, over 50% of the global attack traffic originated in three countries: China (33%), the United States (13%) and Russia (4.7%).
The top 10 countries, of the 180 that were observed, were responsible for around 72% of the total of attack traffic.
As far as the targeted ports are concerned, 455 (Microsoft–DS) remained the most targeted (30%), followed by port 23 (7.6%).
Akamai has also made some interesting observations regarding the distributed denial-of-service (DDOS) attacks launched by the hacktivist collective against US banks in September 2012, the first phase of the campaign.
They reveal that the hackers used various techniques and that some of the attacks had a total traffic of as much as 65 Gbps.
Of these 65 Gbps, 23 Gbps were aimed at the DNS servers utilized for Akamai’s Enhanced DNS services.
In an attempt to overload servers, the attackers used both UDP and TCP traffic against Akamai’s DNS infrastructures. Furthermore, the cybercriminals requested legitimate web pages via HTTP and HTTPS connections.
While some of the attack traffic consisted of junk packets that were easily blocked by the security firm, some of it consisted of HTTP request floods to dynamic sections of the targeted website, such as search pages and bank branch locators.
It’s worth noting that the company has been contracted by some of the targeted financial institutions to fend off the cyberattacks.