Yesterday I posted a blog about Verizon’s recent analysis of cyber security events in 2012, including cyber espionage.
In that article China came out “in the red” (har har).
Other information by Akamai, summarized below in an article by Charlie Osborne in ZDNet, paints a similar story, but not quite as dire.
According to Akamai, China is still #1 with 41% global computer attack traffic, but interestingly the United States is #2 with 10% of all global attack traffic.
Emphasis in red added by me.
Brian Wood, VP Marketing
China accounts for 41 percent of global computer attack traffic
Summary: Perhaps there’s something in China’s allegations that the United States is just as bad.
A new security report points the finger at China as the main source of malicious computer attacks — and puts the United States in second.
In a report due to be released today by Akamai Technologies, the security firm says that the Asian country is accountable for 41 percent of all global computer-attack traffic. As reported by Bloomberg, the latest statistic suggests that cyberattacks from China have risen over three times from last year. In addition, there has been a 33 percent hike from the last quarter.
China has long fought accusations of being a persistent source of cyberattacks, and rigorously denied suggestions that some of these attacks are either state-sponsored or military-based. In February, security firm Mandiant said an “overwhelming” number of cyberattacks originate from China — and many were traced back to a military building in Shanghai. Chinese officials dismissed the report, calling the evidence “groundless.”
The United States, however, is far from blameless. According to the report, the U.S. comes in second as a major source of cyberattacks, and is responsible for ten percent of all global attack traffic. In the last quarter, the country was held accountable for 13 percent of cyberattacks.
The situation between the United States and China is already strained; President Obama recently stated that cybercrime is now a “key” topic in talks with the Asian country.
Turkey, although not often associated with cyberattacks, came in third in Akamai’s report, apparently 4.7 percent of all hacking traffic originating from the country. Russia was given fourth place with 4.3 percent of cyberattack originations and Taiwan came in fifth, claiming 3.7 percent of the world’s attack traffic.
In comparison, Verizon’s 2013 Data Breach Investigation Report (DBIR) also blamed China for cyberattacks and pointed the finger at the country as a main instigator of data breaches. China topped a list of threat origins, claiming 30 percent of data breaches, 96 percent of which were linked to cyber-espionage. Romania came in second at 28 percent and the United States trailed in third with 18 percent. Bulgaria and Russia took fourth and fifth place.
However, it may not just be external threats we should worry about, but also the risk generated through our own psychology. Earlier this month, speaking at the 2013 RSA Conference, Akamai’s chief security officer Andy Ellis suggested that human reaction to risk factors is a common problem when attempting to defend against cybercrime. Ellis argues that even if security experts warn a firm about potential risks to their networks or company infrastructure, business leaders may have a psychological disposition to either tolerate a certain amount of risk, or even to seek it out. Although our top priorities should be in securing a business and increasing profit, human risk factors can often be as much to blame as outdated security protocols.