The good news is that the observed Internet attack traffic fell in most countries during the first quarter of 2014. the bad news is that the United States has risen to second in the world after China, as a source of attack traffic. The latest State of the Internet report from Akamai Technologies identifies these and other trends in Internet security and speed.
Akamai's Internet content delivery network US and the creator of the platform Akamai Intelligent, which provides more than two trillion Internet interactions and protects users from multiple distributed denial of service (DDoS ) every day. This platform is internationally distributed network, enabling the company to monitor the status in the world of the Internet. Here is how the Internet security landscape of the first quarter 2014 compared to the last quarter of 2013.
The geography of the attack of the changed traffic
According to the report, the geographical distribution of hackers continues to grow. During the first quarter of 2014, Akamai has identified attack traffic originating from 194 countries / regions, which is six more than the fourth quarter of 2013. The total concentration of attacks has decreased significantly compared to the fourth quarter 2013, the first 10 countries produced 75 percent of reported attacks, a decrease of 88 percent over the previous quarter.
again, the No. 1 source of attack traffic was China, which is a huge 41 percent of observed attacks. While China clearly remains a haven for pirates and black markets, countries attack the volume of traffic is slightly down from 43 percent at the end of 2013.
Most countries have seen decline of the attack traffic
most countries included in the report experienced modest declines in the attack traffic, but a handful of countries have seen massive increases. The United States, where the second largest amount of attack traffic originated, was down 40 percent in the staggering attack traffic compared to the previous quarter. The United States accounted for 11 percent of observed attacks, down from 19 percent in Q4 2013. Third, Indonesia accounted for about seven percent of observed attacks, which is an increase of 5.7 percent in the fourth quarter of 2013.
by far the steepest fall of attack traffic belongs to Canada, which fell from third place to 30th place in the first quarter of 2014 to during the fourth quarter of 2013, Canada has seen an increase of 25 times compared to the previous quarter, which catapulted to third place. Now, less than one percent of attack traffic comes from Canada, compared with 10 percent a year ago.
experienced increases large enough to lift thequarter after quarter, South Korea, Turkey and India all top 10 volume Quarterly attack traffic also increased in Brazil, Romania and Russia.
The most frequently Ports targets 445 and 5,000 pirates
While Port 445 (Microsoft-DS) remains the most popular target for hackers, accounting for 14 percent of observed attacks, the report suggests that it is getting out of fashion. Port 445 was down 50 percent in volume of attack traffic as compared to the previous quarter. However, Port 5000 (Universal Plug & Play / UPnP) has experienced explosive increase in the volume of attack traffic, with numbers rising over 100 times from Q4 2013 to 12 percent in total.
According to the Internet Storm Center (ISC), the rise in Port 5000 attacks could be the result of Bitcoin mining malware infecting Hikvision DVRs, often used devices to collect video surveillance equipment. In the report from Akamai, it is said that the ISC speculates that the malware is sensitive to the research "devices to infect with a real feat to come later" (p. 5). Important quarterly declines in the order 40 to 50 percent were held with most ports in the top 10, with port 23 (Telnet) is the only port that saw a quarterly increase of attack traffic.
attacks on Port 445 has decreased overall
port 445 becomes less and less targeted in most countries, Q1 2014 Q4 2013, Port 445 is the most-attacked in six of the 10 countries harbor against only four in the 1st quarter of 2014 (Romania, Taiwan, India and Russia). Port 445 was the second most targeted harbor Q1 2014 in South Korea, Brazil, and the port of the United States 5000 was the most-attacked port in China, Turkey, Brazil and South Korea, and the second most targeted port in Romania and India.
quarterly decrease, an annual increase of DDoS
DDoS attacks are an attempt to make a network resource or inaccessible device users. The first quarter 2014 saw a significant decrease in reports of attacks by clients of the previous quarter, with 283 reported attacks compared to 346 in Q4 2013. Despite the quarterly decline of 20 percent, reported attacks still up 27 percent from a year ago.
Geographically, North America accounts for 49 percent of total attacks, the Asia-Pacific region to 31 percent, and Africa and the Middle East for 20 percent. The region Africa and the Middle East was unique in that it has increased 50 percent in the attacks of the previous quarter.
New Threats Surfaced
Two increased threats have emerged in Q1 2014, Akamai reported an increase (NTP) and Network Time Protocol reflection WordPress XML-RPC attacks pingback. February 2014 saw more activity because of DDoS amplification attacks NTP. Hackers spoof an IP address and send a request to a sensitive NTP server, which produces a huge amount of response data to the wrong address.
Such an attack can overwhelm the network links, preventing legitimate traffic to reach the destination. Similarly, in March 2014, hackers have begun to conduct DDoS attacks using exploits WordPress pingback XML-RPC, which Akamai has helped thwart encouraging webmasters to disable the function of pingback.
In general, the State of the Internet report paints a positive picture for the Internet landscape for the first quarter of 2014. Internet becomes faster; while attacks come from several countries now, the entire attack traffic decreased worldwide.
However, concerns persist about creativity evolving pirates, targeting different port and to design new exploits to block websites and block legitimate traffic. For this reason, more than ever as a buffer between users and enterprising pirates state-of-the-art protection of Web security and prevention.
0 Komentar