News

Japan, U.S., China Leading Sources of Web Attack Traffic

• By Dan Campbell
• September 10, 2008

Akamai's second-quarter State of the Internet report found attack traffic originating from 139 countries, up from 125 countries in the first quarter of 2008.

According to the report, 10 countries accounted for more than 75 percent of attack traffic on the Internet. Although that is consistent with results in the first quarter of this year, there were several relatively dramatic changes, most notably Japan's increase from 3.56 percent earlier this year to more than 30 percent and the lead spot on the list.

The United States recorded a 50 percent increase in attack traffic since the first quarter, while China’s rate dropped almost 50 percent. Taiwan stayed in the top 10 but dropped from No. 3 to No. 7 and almost 12 percent to 2.2 percent.

The Akamai study does not comment on whether such abrupt changes are common from quarter to quarter or what might have caused them.

The attack traffic that Akamai observed was directed at more than 400 application ports. A port is a number that uniquely identifies an application and is used by Transmission Control Protocol or User Datagram Protocol in data transactions. Although more than 400 ports were targeted, the 10 most popular accounted for more than 85 percent of the attack traffic. Port 445, which Microsoft's Directory Services tool uses for file sharing and other applications, was the most heavily attacked port and a frequent target of worms and viruses.

The study also evaluates global broadband adoption and other Internet traffic trends. Analysts did not draw a correlation between broadband penetration, access speeds and subsequent attack traffic volume, although they acknowledged that countries with a larger number of Internet users will naturally carry more attack traffic due to the sheer volume of subscribers and traffic.