News
Japan, U.S., China Leading Sources of Web Attack Traffic
- By Dan Campbell
- September 10, 2008
Japan, the United States and China topped the list of countries from which
Internet attack traffic originates in a recent report by Akamai Technologies
Inc. The three countries accounted for more than 60 percent of attack-oriented
Internet traffic.
Akamai's second-quarter State
of the Internet report found attack traffic originating from 139 countries,
up from 125 countries in the first quarter of 2008.
According to the report, 10 countries accounted for more than 75 percent of
attack traffic on the Internet. Although that is consistent with results in
the first quarter of this year, there were several relatively dramatic changes,
most notably Japan's increase from 3.56 percent earlier this year to more than
30 percent and the lead spot on the list.
The United States recorded a 50 percent increase in attack traffic since the
first quarter, while China’s rate dropped almost 50 percent. Taiwan stayed
in the top 10 but dropped from No. 3 to No. 7 and almost 12 percent to 2.2 percent.
The Akamai study does not comment on whether such abrupt changes are common
from quarter to quarter or what might have caused them.
The attack traffic that Akamai observed was directed at more than 400 application
ports. A port is a number that uniquely identifies an application and is used
by Transmission Control Protocol or User Datagram Protocol in data transactions.
Although more than 400 ports were targeted, the 10 most popular accounted for
more than 85 percent of the attack traffic. Port 445, which Microsoft's Directory
Services tool uses for file sharing and other applications, was the most heavily
attacked port and a frequent target of worms and viruses.
The study also evaluates global broadband adoption and other Internet traffic
trends. Analysts did not draw a correlation between broadband penetration, access
speeds and subsequent attack traffic volume, although they acknowledged that
countries with a larger number of Internet users will naturally carry more attack
traffic due to the sheer volume of subscribers and traffic.