Slashdot Mirror

← Back to Stories (view on slashdot.org)

US Responsible For the Majority of Cyber Attacks

Posted by CmdrTaco on from the we're-number-one-we're-number-one dept.

Amber G5 writes "SecureWorks published the locations of the computers from which the greatest number of cyber attacks were attempted against its clients in 2008. The United States topped the list with 20.6 million attempted attacks originating from computers within the country, and China ran second with 7.7 million attempted attacks emanating from computers within its borders. This was followed by Brazil with over 166,987 attempted attacks, South Korea with 162,289, Poland with 153,205, Japan with 142,346, Russia with 130,572, Taiwan with 124,997, Germany with 110,493, and Canada with 107,483."

40 of 205 comments (clear)

  1. Yeah! by Spazztastic · · Score: 5, Funny

    Those bastards hacked my Yahoo mail!

    --
    Posts not to be taken literally. Almost everything is sarcasm.
  2. Within the U.S. by Ethanol-fueled · · Score: 4, Insightful

    The majority of cyber-attacks(controlled by their Chinese and Russian overlords) originate within the U.S.

    1. Re:Within the U.S. by Otter · · Score: 5, Insightful

      Also, these numbers are limited to attacks against the clients of a US-based firm, and are probably skewed accordingly.

      --
      What I'm listening to now on Pandora...
    2. Re:Within the U.S. by Anonymous Coward · · Score: 4, Funny

      We should fight them over there so we don't have to fight them over here!

      We could also just send Sarah Palin over to Russia and ask them nicely to stop. After all, she can see it from her house, she already said she would cross a sovereign nations' borders without permission if necessary, and apparently she's ready to engage on foreign policy and relations.

    3. Re:Within the U.S. by Anonymous Coward · · Score: 2, Insightful

      The majority of cyber-attacks(controlled by their Chinese and Russian overlords) originate within the U.S.

      Do you have any legitimate source to back this statement?

    4. Re:Within the U.S. by libcrypto · · Score: 2, Informative
      I googled for a rank of countries by the number of computers they own to see if there is any correlation between the number of computers and the country rank mentioned in the article. This is the best I could come up with. Anyone has something better?

      http://www.etforecasts.com/products/ES_cinusev2.htm

      The top ten countries according to this website is:

      1. U. S.
      2. Japan
      3. China
      4. Germany
      5. UK
      6. France
      7. South Korea
      8. Italy
      9. Canada
      10. Brazil

  3. Riiiiiight by $RANDOMLUSER · · Score: 5, Insightful
    So

    port scan == attempted attack

    Sounds plausible.

    --
    No folly is more costly than the folly of intolerant idealism. - Winston Churchill
    1. Re:Riiiiiight by Goaway · · Score: 2, Insightful

      Read, comprehend, reply. In that order.

  4. Ummm, duh? by R2.0 · · Score: 3, Insightful

    Formula:
    #zombies=#computers * X%

    I mean, isn't it that obvious?

    --
    "As God is my witness, I thought turkeys could fly." A. Carlson
    1. Re:Ummm, duh? by gnick · · Score: 5, Informative

      And certainly there are a ton more computers in the U.S. than in China, although that will certainly change within the next decade or so.

      Actually, China has ~253 million Internet users. The US has only ~215 million. It could just be that your numbers are dated - They're increasing that number about 8x as fast as we are. Look for yourself: http://www.internetworldstats.com/stats.htm

      --
      He's getting rather old, but he's a good mouse.
    2. Re:Ummm, duh? by gnick · · Score: 5, Informative

      Actually, just while I have the numbers pulled up, here are the number of "attacks" from each country mentioned in TFS scaled by the number of Internet users in the country. Since I'm inferring that these are total attacks and not unique IPs, I guess that these numbers are "attacks per Internet user".

      0.09581 US
      0.03043 China
      0.00958 Poland
      0.00812 Taiwan
      0.00489 Canada
      0.00466 South Korea
      0.00392 Brazil
      0.00210 Germany
      0.00151 Japan

      --
      He's getting rather old, but he's a good mouse.
    3. Re:Ummm, duh? by whitehatlurker · · Score: 2, Insightful
      Not really - the Canadian figures should be around 3.4 million and the German around 8 million if that were the case. (This is using the Linux Counter for rough numbers of computers. Canada has 17% of the US values, Germany 40%.)

      ...

      Besides, any formula involving zombies needs to include some mention of number and location of malls, and at least passing mention of braaaaainzzz.

      --
      .. paranoid crackpot leftover from the days of Amiga.
    4. Re:Ummm, duh? by gnick · · Score: 2, Insightful

      Is that 0.09581 almost 1% or 9.5% of our internet-hopping population?

      Neither - nothing more meaningful than "attacks per Internet user in the country". I thought that was an interesting scalar, but I'm not sure that it's useful expressed as a percentage (or perhaps not useful at all, but interesting to me). If each attack was from a unique "user", that would imply one attack on these monitored targets from each of 9.5% of the US Internet-enabled population - But that doesn't seem to be the case. So the actual percentage of "users" that attacked this target is certainly much lower, although we don't have enough information to guess how much.

      --
      He's getting rather old, but he's a good mouse.
  5. redirection by Anonymous Coward · · Score: 5, Insightful

    Of course, hackers always use their home ip, and never bounce off of compromised clients in other countries.

    1. Re:redirection by db32 · · Score: 3, Informative

      Good job on reading the article. You know, the part where every other paragraph other than what was cut for the summary points this out and how to defend against this very thing.

      --
      The only change I can believe in is what I find in my couch cushions.
    2. Re:redirection by yoinkityboinkity · · Score: 4, Funny

      We're supposed to read the article?

    3. Re:redirection by db32 · · Score: 2

      Clearly you are new here. There are a number of castes here.

      Grammar Nazis
      Spelling Nazis
      Trolls
      First Posters
      Meme Propogators (underpands gnome jokes, **AA jokes, grits, portman, the list goes on forever)
      UID Groups (turn in your UID jokes, you are new here jokes, UID snobbery, etc)
      Summary Reactors
      and then finally, in primary opposition to the Summary Reactors the RTFAA. Read the F'ing Article Association.

      Many people are members of multple castes. There are also other castes that present from time to time.

      --
      The only change I can believe in is what I find in my couch cushions.
  6. 20.6 million by morgan_greywolf · · Score: 3, Interesting

    And out of how many computers connected to the Internet? I'm willing to bet China's "per machina" rate is higher.

    --
    My blog
  7. Damn Windows Lusers! by andreyvul · · Score: 2, Funny

    Leaving their broadband-connected computers 24-7!

    --
    proud caffeine whore
    1. Re:Damn Windows Lusers! by JeanBaptiste · · Score: 3, Funny

      well I'm a windows user that leaves my broadband connected computer up 24-7, and I guarantee none of my boxes are causing the attacks. Except for when I'm the one doing the attacking. Er, uhm, nevermind...

    2. Re:Damn Windows Lusers! by morgan_greywolf · · Score: 2, Insightful

      I run Windows XP under VirtualBox on an Ubuntu Linux machine that is connected 24x7. What does that make me?

      --
      My blog
  8. Woot! by SatanicPuppy · · Score: 4, Funny

    We're #1!
    We're #1!

    I'm sure the bulk of it is just that we have more computers. I'd have thought Japan would have been higher though, if that were the primary factor, so maybe not.

    --
    ad logicam Claiming a proposition is false because it was presented as the conclusion of a fallacious argument.
    1. Re:Woot! by aykroyd · · Score: 2, Interesting

      According to Akamai's quarterly "State of the Internet" report, Japan and the U.S. account for "over 50% of observed [attack] traffic in total."

      You can see the executive summary and download the report here.

      Full Disclosure: I work for Akamai.

    2. Re:Woot! by unity100 · · Score: 2, Funny

      Full Disclosure: I work for Akamai.

      ok now we just need your passwords.

      --
      Read radical news here
  9. May depend on who their "Clients"are... by Zymergy · · Score: 2, Interesting

    A list of their "Clients" might be useful as well as interesting while taking their numbers and the source of the "cyber attacks" into consideration...
    It might be that as the US is the greatest English-speaking population with disposable income, the US may be a better target and thus is targeted from within the itself more often??

  10. Number One! by ireallylovelinux · · Score: 5, Funny

    I guess on the internet axis of evil we are number One!

  11. More in US than Reported by BountyX · · Score: 5, Interesting

    Many of the attacks originating from China are actually from the US as well. Many US hackers find it easy to compromise chinese machines and use those machines for whatever they need. I'm willing to bet a hand full of Chinese attacks are actually originating from the US as hackers seek to use easily compromised machines that are unlikly to work with the US (politically) if the US asks for connection info from an ISP. As a result, a lot of US originated hack trails stop in china.

    --
    Trying to install linux on my microwave, but keep getting a kernel panic...
    1. Re:More in US than Reported by Missing_dc · · Score: 4, Insightful

      On the flip side of that would be the large # of botnets that are foreignly controlled, which is where most of TFA's attacks probably originated.

      Also take into account the # of computers running unattended (and likely infected)in the US vs the rest of the world.

      So, do we try to cut off the monster's hands or its head?

      --
      How amazed would you be to suddenly find that you just forgot what I wrote and you needed to reread my post.... again.
  12. That just means US has the most hijacked systems! by Phizzle · · Score: 4, Funny

    All those AOL users who leave their boxes up 24/7 are infected with cooties that use their machines to haxx0r the rest of the world and steel their megabites, oh n0s!

    --
    I will not be pushed, filed, stamped, indexed, briefed, debriefed or numbered. My life is my own.
  13. Did you know Canada has its CIA? No? Exactly. by Twyst3d · · Score: 2, Funny

    At first when someone pointed out to me, that Canada, my home country had the least amount of attacks, he spun it to me in a sad manner. "Aww we have the least amount of hackers :(" To which I responded "No no young padawan. We have the least amount of hackers who were traced" GO CANADA!! Milk in a bag FTW

    --
    And this has been another installament of Captain Obvious! /whoosh
  14. Soooo.... by Sta7ic · · Score: 4, Insightful

    ...can we lump the MediaSentry/SafeNet "investigations" in the numbers for these attacks?

  15. Comment removed by account_deleted · · Score: 2

    Comment removed based on user account deletion

  16. It's obvious by quarmar · · Score: 2, Funny

    2 out of 3 US hackers choose SecureWorks clients. Remember, discerning hackers choose SecureWorks.

  17. Actually... by CorporateSuit · · Score: 4, Interesting

    Good job on reading the article. You know, the part where every other paragraph other than what was cut for the summary points this out and how to defend against this very thing.

    You know, they never draw that conclusion in the article. They just say that some attacks originating from a given country may be initially controlled from a different country. They don't go into ip masking/spoofing or any of that... Why would they want to expose the limits to their services when this article was written in an attempt to sell something?

    --
    I am the richest astronaut ever to win the superbowl.
    1. Re:Actually... by Zironic · · Score: 2, Informative

      Unless you're performing a DoS isn't IP spoofing very counterproductive since you cant get a response?

    2. Re:Actually... by SgtAaron · · Score: 4, Informative

      Unless you're performing a DoS isn't IP spoofing very counterproductive since you cant get a response?

      Usually, yes. But some things can be accomplished, like the Windows Messaging spamming coming into UDP ports 1026-1028, nearly every second of every day it's coming into our network, trying to pop-up messages onto Windows users' computers. The messages tell them their computers are infected and they need to go and download something to fix it. Well, you can guess what will happen if they do :) Oh, they are being sent with spoofed addresses appearing to come from Shaw Cable.

      From our cisco's access-list counters, which was just reset yesterday:

      deny udp any any range 1026 1028 (8692 matches)

      We've a reflexive access list that will allow UDP incoming on those ports if originated inside the network.

      Lots of traffic comes from the reserved IP blocks, too. As well as spoofed local IP addresses. All sorts of nastiness.

      deny ip 10.0.0.0 0.255.255.255 any (4232 matches)
      deny ip 172.16.0.0 0.15.255.255 any (603 matches)
      deny ip 192.168.0.0 0.0.255.255 any (1540 matches)

      -Aaron

  18. Murder vs. Littering by nick_davison · · Score: 4, Insightful

    You'll notice pretty much any survey of crime shows:

    Violent Crimes per 100,000
    Serious Sexual Assaults per 100,000
    Murders per 100,000
    etc.

    They don't just say, "Crimes" because...

    Any smart person would choose somewhere with a billion people and 10,000 crimes over a million people with 1,000 crimes. That's why per capita is critical.

    Any smart person would also likely choose somewhere with 10,000 littering offences and 1 murder over somewhere with 1000 murders.

    It only takes two massive cyber attacks against the entire infrastructure of Georgia and Estonia to make Russia (assuming you don't accept their denials) far more offensive on a global scale than a million spam botnets.

    Now which is worse? The country that spams millions of times or the country that cripples the infrastructure of any small nation that dares oppose it? Still care about pure numbers without caring what the numbers actually record?

    I'm not claiming the U.S.'s vast numbers of offenses are purely the equivalent of littering, nor that they never do anything worse... Simply that big but meaningless because it's not clarified number A vs. big but meaningless because it's not clarified number B is still... meaningless.

    1. Re:Murder vs. Littering by Explodicle · · Score: 2, Funny

      Any smart person would also likely choose somewhere with 10,000 littering offences and 1 murder over somewhere with 1000 murders.

      That second place just sounds like it has some healthy anti-littering vigilantism.

  19. Responsible for the Majority of Cyber Attacks ... by neonprimetime · · Score: 2, Funny

    "US" as in slashdot readers?

  20. Re:What? You're kidding, right? by Goaway · · Score: 2, Informative

    How many people do you think are out there maliciously portscanning? I've met way more normal computer professionals than psycho computer criminals that spend forty hours a week cracking.

    Quite a number of them, and they're not exactly sitting around typing in nmap command lines by hand, you know. They have automated tools to scan large sections of the internet for known vulnerabilities to exploit. They don't run "thousands" of portscans, they run millions.

    And the fact that you haven't met many of them might have more to do with you not associating with criminals, hmm?