, one of the leaders in providing content hosting and cloud services, conducted a comprehensive study of Internet security using numerous sensors around the world (Akamai uses NASA, McAfee, FedEx, General Motors and many other companies
). Thanks to a wide network of coverage, Akamai has revealed the main sources of web threats and objects of close attention from hackers.
According to a study in the first quarter of 2010, Russia turned out to be the main source of attacks on the Internet. 12% of attacks accounted for Russian traffic. It should be noted that Russia has been holding the lead for the third quarter in a row and it is unlikely that it will soon give up. Slightly behind the United States, "taking" second place with 10% (although last year the Americans occupied 12%). Four European countries (Italy (4.4%), Germany (3.9%), Romania (3.2%) and Poland (2.4%)) were in the top ten threat countries. With the full composition of a kind of top 10 can be found in the image:
What is characteristic, it was Europe that turned out to be the universal leader in the number of malicious traffic generated, with 44% of a kind of “market”. In addition, Europe turned out to be the absolute leader in the number of web threats in mobile networks, although, according to analysts Akamai, the threats do not necessarily come from infected mobile devices, but from computers running on mobile broadband Internet. The graphics are shown below:
Now that was attacked in the first quarter of 2010. The most desirable goal was port 445 (Microsoft Directory Services), which the famous Conficker worm "took note of." About 74% of the attacks were directed specifically at this vulnerability, as many computers are still not protected from this malware. At the same time, the difference in successful attacks varies from country to country. For example, in the USA, the targets reached about 50% of the attacks, whereas, for example, in Romania almost 95%.
The remaining members of the top 10: 22 - SSH (6.3%), 139 - NetBIOS (3.2%), 23 - Telnet (2.5%), 135 - Microsoft-RPC (2.5%), 80 - WWW (1.7%), 4899 - Remote Administrator (1.5%), 1433 - Microsoft SQL Server (1.1%), 5900 - VNC Server (0.9%) and 1080 - SOCKS Proxy (0.5%).
You can see the comparison with 4Q on the table below:
A certain pride in our hackers is still present, but ... be alert and adjust the protection =)Thanks to the respected Habrayuzer litos
for the valuable remark that, perhaps, a high percentage of attacks from Russia is associated with a low level of computer literacy in the country. You can read the full opinion here
From myself I will add that the level of piracy in Russia is quite wide, so the OS and remedies may not receive updates in time, which leads to numerous vulnerabilities.
The study itself is here (short registration is required)