London (UK): The StealthWatch Labs Intelligence Center (SLIC) - Lancope’s research initiative which tracks emerging threat information from around the world, today revealed that 30% the world’s active botnet command and control servers are actually based in the US! This is three times higher than the second and third most active countries – China (9%) and Russia (8%) respectively. Yet, when it comes to Internet scanning for victims to target with brute force attacks or exploit their activity, it is China (44%) that is the most active followed by Japan (7%), USA (6%) and South Korea (5%). When looking at Backscatter activity (Victims of DDOS attacks), again it is the US that tops the list at 23% followed by Taiwan (17%), Japan (10%) and South Korea (8%). Interestingly, of all the European countries, it is only Germany that features at the top of these lists, in fifth place for both botnet command and Backscatter (6% and 5% respectively). The UK’s only appearance in the top 10 list is for botnet command and control in sixth place at 4%. The reason the US and the other countries feature so highly is to be expected as threats often originate from inside large legitimate networks as a result of systems that have been compromised. Under the remote control of botnet operators or other nefarious external parties, these internal systems spread infections, steal data and wreak havoc on enterprise resources.
- REGINE HARTMANN
- InfoSecurity
- Posted On