All Sections

America is the internet’s 2nd most evil citizen

America is the second-most aggressive source of internet attack traffic – and it’s getting worse.

China leads the list of net bad boys, accounting for 13 per cent of attack traffic observed by internet content delivery firm Akamai.

But Akamai’s State Of The Internet report for the end of 2011 logs America close behind at 10 per cent, well ahead of Indonesia, Taiwan, and Russia.

China and America’s attack traffic also increased as the year went on, while Indonesia, Taiwan and Russia all dialled back their online ill behaviour.

Akamai State of the Internet attack traffic

In the mobile world, Italy is the leading source of attack traffic, accounting for a quarter of attacks, although it dropped by a half from the summer, while China increased its attacks over mobile networks by 77 per cent.

“During the fourth quarter of 2011, Akamai observed attack traffic originating from 187 unique countries/regions,” said Akamai State Of The Internet report, which logs worldwide trends in traffic and behaviour on the internet.

“China became the top attack traffic source, responsible for 13 per cent of observed traffic in total,”

“The United States and Indonesia held the second and third place spots respectively, accounting for over 17 per cent of observed attack traffic combined.

“Quarterly changes in observed attack traffic volume among the top 10 were evenly split in the fourth quarter, with China, the United States, Turkey, South Korea, and Romania all responsible for higher percentages of attack traffic as compared to the prior quarter, while Indonesia, Taiwan, Russia, Brazil, and India all saw percentages drop relative to the third quarter.”

The most common attack route is via port 445, used by Microsoft Direct Show, but it’s in decline while attacks via Microsoft’s SQL Server on port 1433 tripled.

Akamai adds that the concentration of attack traffic concentration declined slightly towards the end of 2011.

Britain failed to make the evil top 10, just at the UK also failed to make the world’s fastest broadband locations.

However, attacks quadrupled both via the commonly-used HTTP alternate port 8080, and using port 9415 due to a flaw in a popular Chinese video streaming application, PPLive. 

Cover image: Jan Seifert/Flickr