Posted on July 9, 2019 at 11:55 AM
DDoS Attacks Surge Around the World: China and US Still the Largest Sources, but Their Share Keeps Dropping
DDoS attacks continue to grow in numbers around the world, with each new quarter bringing new reports of increased hacking activity. Only a month ago, Telegram’s CEO stated that the platform is under attack and that the attack came from devices based in China. Meanwhile, a security provider Nexusguard confirmed that the country is still the world’s largest source of DDoS attacks.
Of course, the fact that the most compromised devices are in China does not necessarily mean that the attackers themselves are based in China. It is just as possible that the attackers are simply compromising more devices in China. After all, the country’s security practices are pretty much the same as everywhere else in the world, but the number of people is far greater.
According to reports from Q1 of this year, China is the top source of DDoS attacks, and the US is right behind it. However, recent reports have also stated that the two countries are seeing a major drop in their share of the total number of attacks. Meanwhile, several other countries are seeing their share grow, including Vietnam, which has climbed to the fourth spot, as well as Brazil, which currently occupies the sixth spot. Neither of the two made the list of top ten as recently as two years ago.
Why are the sources of DDoS attacks shifting?
As many are undoubtedly aware of, DDoS attacks are quite simple in concept. What they do is send thousands upon thousands of requests for information towards the targeted website. To do this, they use large botnets — entire networks of previously infected devices. With so many requests for information that the websites are trying to respond to at once — sooner or later, they cannot handle them anymore, and they crash.
The devices that experts can track down are only victims, infected, and then abused by hackers. In theory, it is possible to find those responsible for the attacks — those who control the devices, although, in reality, it is quite difficult. They often spoof their own IP address, which makes it harder to track them down. It is also quite easy for hackers to acquire botnets, simply by purchasing them on the dark web.
The biggest question that has researchers puzzled right now is why are the US and China losing their share, and why is Vietnam becoming one of the largest sources of DDoS attacks? The reason would certainly have something to do with the larger online population. More people means more devices that are not properly protected, and thus vulnerable to becoming a part of the botnet.
According to Russian cybersecurity firm Positive Technologies’ CTO, Dmitry Kurbotov, badly secured smartphones and Internet of Things devices are allowing hackers plenty of choices when building up botnets. Vietnam and other developing countries are only seeing a proper surge in acquired internet-connecting devices now. Further, their bad security practices come from a lack of awareness and experience. These tend to differ from one country to another, but the ones that are just joining the internet in this fashion are always more likely to be hit.
People simply do not know that they must put long, strong passwords, or they will be abused, and their devices misused.
Online security awareness is still too low
Of course, this is still only speculation, as there is no evidence that Chinese users are doing something wrong when protecting their devices. It is far more likely that their huge population simply allows for a greater number of vulnerable devices, as stated earlier. It is also likely that DDoS attacks are more correlated to the number of broadband subscriptions.
After all, routers often have poorer protection that smartphones or computers. Users don’t even think that they should protect these devices as well. While smartphones and the size of the population also have an impact on their own, it is believed that this is a weaker aspect. In other words, it all comes back to security awareness. All devices are vulnerable, and so they all need to be protected. Until the entire world understands this, the attacks will continue to grow, and their source will simply shift from country to country, as new developing countries take a greater part in using the internet.