Cybercriminals in Q1 2015 carried out more than 23,000 botnet-assisted DDoS attacks on web resources located in 76 countries.
Cybercriminals in Q1 2015 carried out more than 23,000 botnet-assisted DDoS attacks on web resources located in 76 countries. Servers in the USA, Canada and China were most frequently targeted, while the top 10 victims also included resources in Europe and the Asia-Pacific region, according to Kaspersky Lab’s latest stats.
The greatest number of attacks on a single web resource in Q1 was 21 – about two attacks a week. In Q4 2014, the equivalent figure was 16. The most protracted botnet attack in Q1 was almost six days long.
There were a total of 23,095 attacks in Q1. These affected targets in 76 countries, up 15% from the 66 countries affected in Q4, 2014. Information systems located in China, the USA and Canada in Q1 suffered most from DDoS attacks. These attacks were commanded by C&C servers predominantly located in the USA, China and the UK. China and the USA’s leading positions in both rankings can be explained by the relatively cheap prices for web hosting in these countries, so most data centers are located there.
“A DDoS attack is often a cross-border effort; the customer is located in one country, the executor in another, the C&C servers are hosted in a third country, and the bots involved in the DDoS attack are scattered across the world. This often makes it more complicated to investigate attacks, take down botnets and catch those responsible. Although cybercriminals do not limit their DDoS toolkits to botnets alone, this is still a widespread and dangerous tool, and it demands preventive protection measures from potential targets, i.e. web resources,” commented Evgeny Vigovsky, Head of Kaspersky DDoS Protection, Kaspersky Lab.
Kaspersky Lab recommends the use of dedicated security solutions to filter cybercriminals’ junk requests from legitimate web traffic. Thus, Kaspersky DDoS Protection combines Kaspersky Lab’s proven expertise with in-house technology such as DDoS Intelligence. DDoS Intelligence is a system that analyzes the information sent from C&C servers to botnets, and aims to improve protection against DDoS attacks. Kaspersky Lab’s stats on botnet activity in Q1 was prepared based on the data collected by DDoS Intelligence.
The complete text of the stats is available at Securelist.com. To learn more about the principles behind Kaspersky DDoS Protection, read this document.
