19 April 2016
Cyber attacks from US-based addresses highest in three years
Cyber attacks from US-based IP addresses have increased for the third consecutive year, making the US a major source of hostile cyber activity.
That’s according to the NTT 2016 Global Threat Intelligence Reportpublished today. The annual Report contains security threats gathered during 2015 from 8,000 clients of the NTT Group security companies including Dimension Data, Solutionary, NTT Com Security, NTT R&D, and NTT Innovation Institute (NTTi3). This year’s data is based on 3.5 trillion security logs and 6.2 billion attacks. Data is also gathered from 24 Security Operations Centres and seven research and development centres of the NTT Group.
During 2013, 49% of cyber attacks on IP addresses originated from within the US, and that number increased to 56% in 2014. In 2015, this number increased to a startling 65% across 217 countries that detected attacks.
Matthew Gyde, Dimension Data’s Group Executive – Security says, “The US serves as a major source of hostile activity, due to the ease of provisioning and low cost of US cloud hosting services. While the source IP address is based in the US, the actual attacker could be anywhere in the world. Because of the ease with which attackers can disguise their IP addresses, attack sources can often be more indicative of the country in which the target is located, or perhaps of where the attacker is able to compromise or lease servers, rather than where the attack actually originates.
Because a significant number of the detected attacks target US organisations, so attackers often host such attacks locally in the same geographic region as their victims. This reduces the likelihood that they’ll experience potential geolocation blocking or alerting,” explains Gyde, and points out that the data is derived from correlated log events identifying validated attacks that took place in 2015.
China, which was the source of the second-largest number of attacks (9%) in the 2014, accounted for only 4% of attacks in 2015. Australia, which was in third place in 2014, dropped to eleventh spot (1%) as a source of attacks in 2015.
Meanwhile, the UK became the number one source of non-US based cyberattacks in 2015: the number of attacks from addresses based in the UK rose slightly from 3% in 2014, to 5% 2015, making the country the primary source of non US-based attacks.
Other highlights in the report include:
- Organisations in the retail sector experienced nearly three times more attacks as those in the financial sector which topped the list of cyberattacks in the 2015 report. In 2015, cyberattacks on the financial industry dropped to fourteenth position.
- Similar to the retail sector, the hospitality, leisure, and entertainment sector also processed high volumes of sensitive information including credit card data. Transactions in the hospitality sector, which includes hotels and resorts, tend to be sizable, which can make those card numbers attractive to attackers.
- Cybercriminals are adopting low-cost, highly available, and geographically strategic infrastructure to perpetrate malicious activities. This can be seen by the increase in US-sourced attacks leveraging cloud infrastructure.
About Dimension Data
Dimension Data uses the power of technology to help organisations achieve great things in the digital era. As a member of the NTT Group, we accelerate our clients’ ambitions through digital infrastructure, hybrid cloud, workspaces for tomorrow, and cybersecurity. With a turnover of USD 7.5 billion, offices in 52 countries, and 30,000 employees, we deliver wherever our clients are, at every stage of their technology journey. We’re proud to be the Official Technology Partner of Amaury Sport Organisation, which owns the Tour de France, and the title partner of the cycling team, Team Dimension Data for Qhubeka. Visit us at http://www.dimensiondata.com