The Asian DDoS Attack Threat Is Huge and Growing

Selected excerpts

Prolexic recently released the Q4 2013 Global Attack Report, which explores the significant threat of distributed denial of service (DDoS) attacks from China and other countries in Asia. This DDoS threat increased throughout 2013 and is expected to continue growing. Recent years have marked a significant rise in distributed denial of service (DDoS) activity from

Asia with targets within the region and around the world. Prolexic has observed malicious actors

compromising Chinese and other Asian IT resources and using them as command and control

(CnC, CC or C2) and zombies in DDoS botnets. In fact, in Q4 2013, six the top ten source countries

for DDoS activity were in Asia: China, Thailand, Korea, India, Saudi Arabia and Turkey – as shown

in Figure 1. Excepting the United States, China topped the list as the source country for 19 percent

of DDoS attacks observed by Prolexic in Q4 2013.

The Chinese government has promoted

Internet adoption as part of its

geopolitical and economic growth

strategy and has an aggressive

government policy of building new IT

infrastructure. As a result, China has

the largest infrastructure and Internet

population in Asia, with more than 538

million users.

Countries such as China, where

technological growth expands rapidly,

are often susceptible to a lack of

oversight, lax security, and a shortage of management for large server farms. This situation can

result in the presence of significant vulnerabilities that can be exploited by malicious actors.

Serious vulnerabilities arise from the sheer number of devices in China’s Internet-connected

infrastructure and the country’s tendency to run older, pirated and unpatched operating systems:

● China had an estimated 8.7 million domain names and 2.5 million websites in June 2012,

creating a huge source of opportunity for hackers.

● The dominant operating system is Windows XP, but Microsoft will stop supporting XP in

2014.

● The software piracy rate in China is estimated at 80 percent.

● Pirated software is rarely updated or patched, leaving it vulnerability viruses and malware.

● China is estimated to have the highest rate of computer infections of any country.

● DDoS botnets are often built from infected devices.

● Prolexic has observed DDoS toolkits created for Chinese users.

● Much of the country’s IT infrastructure is state-owned.

● The Chinese state may itself launch DDoS attacks.

China also has a huge number of mobile users, more than 400 million. In fact, mobile Internet

usage in the country is now believed to have surpassed Internet access via desktop. There are

strong indications that these mobile devices also have a high infection rate. In 2012, there were an

estimated 162,000 mobile malware programs in China. Mobile devices participate in DDoS attacks,

and Prolexic anticipates an increasing role for mobile devices from China in DDoS campaigns in

the future.

The growing DDoS threat from China takes several forms: an increase in DDoS reflection attacks

using the CHARGEN protocol, the use of botnets built from Asian IT resources, DDoS attacks by

hacktivist groups, and the presence of Chinese DDoS attack kits. Learn more about each of these

threats in the Q4 2013 Global DDoS Attack Report from Prolexic.

Get the full Q4 2013 Global Attack Report with all the details Each quarter Prolexic produces a quarterly DDoS attack report. As the world’s leading DDoS mitigation provider, Prolexic is ideally positioned to collect valuable data on the origins, tactics, types and targets of DDoS attacks and identify emerging trends. Download the Q4 2013 Global DDoS Attack Report for:

● Details about DDoS threats from Asia ● Year-over-year and quarter-by-quarter global DDoS attack statistics ● Types of attacks and industries targeted in Q4 2013 ● Network protocols at risk for abuse by attackers ● Details about real attacks mitigated by Prolexic

The more you know about DDoS attacks, the better you can protect your network against cybercrime. Download the free Q4 2013 Global DDoS Attack Report today. About Prolexic Prolexic Technologies is the world’s largest and most trusted provider of DDoS protection and mitigation services. Learn more at http://www.prolexic.com