In Q1 More Countries Suffered Botnet Attacks
Cybercriminals in Q1 2015 carried out more than 23,000 botnet-assisted DDoS attacks on web resources located in 76 countries. Servers in the USA, Canada and China were most frequently targeted, while the top 10 victims also included resources in Europe and the Asia-Pacific region, according to Kaspersky Lab’s latest stats.
The greatest number of attacks on a single web resource in Q1 was 21 – about two attacks a week. In Q4 2014, the equivalent figure was 16. The most protracted botnet attack in Q1 was almost six days long.
There were a total of 23,095 attacks in Q1. These affected targets in 76 countries, up 15% from the 66 countries affected in Q4, 2014. Information systems located in China, the USA and Canada in Q1 suffered most from DDoS attacks. These attacks were commanded by C&C servers predominantly located in the USA, China and the UK. China and the USA’s leading positions in both rankings can be explained by the relatively cheap prices for web hosting in these countries, so most data centers are located there.
“A DDoS attack is often a cross-border effort; the customer is located in one country, the executor in another, the C&C servers are hosted in a third country, and the bots involved in the DDoS attack are scattered across the world. This often makes it more complicated to investigate attacks, take down botnets and catch those responsible. Although cybercriminals do not limit their DDoS toolkits to botnets alone, this is still a widespread and dangerous tool, and it demands preventive protection measures from potential targets, i.e. web resources,” commented Evgeny Vigovsky, Head of Kaspersky DDoS Protection, Kaspersky Lab.
