DDoS on the Move: in Q1 More Countries Suffered Botnet Attacks

By   ISBuzz Team
Writer , Information Security Buzz | Jun 08, 2015 07:00 pm PST

Cybercriminals in Q1 2015 carried out more than 23,000 botnet-assisted DDoS attacks on web resources located in 76 countries. Servers in the USA, Canada and China were most frequently targeted, while the top 10 victims also included resources in Europe and the Asia-Pacific region, according to Kaspersky Lab’s latest statistics.

The greatest number of attacks on a single web resource in Q1 was 21 – about two attacks a week. In Q4 2014, the equivalent figure was 16. The most protracted botnet attack in Q1 was almost six days long.

There were a total of 23,095 attacks in Q1. These affected targets in 76 countries, up 15 per cent from the 66 countries affected in Q4, 2014. Information systems located in China, the USA and Canada in Q1 suffered most from DDoS attacks. These attacks were commanded by C&C servers predominantly located in the USA, China and the UK. China and the USA’s leading positions in both rankings can be explained by the relatively cheap prices for web hosting in these countries, so most data centres are located there.

A DDoS attack is often a cross-border effort; the customer is located in one country, the executor in another, the C&C servers are hosted in a third country, and the bots involved in the DDoS attack are scattered across the world. This often makes it more complicated to investigate attacks, take down botnets and catch those responsible. Although cybercriminals do not limit their DDoS toolkits to botnets alone, this is still a widespread and dangerous tool, and it demands preventive protection measures from potential targets, i.e. web resources,” commented Evgeny Vigovsky, Head of Kaspersky DDoS Protection, Kaspersky Lab.

Kaspersky Lab recommends the use of dedicated security solutions to filter cybercriminals’ junk requests from legitimate web traffic. Thus,Kaspersky DDoS Protection combines Kaspersky Lab’s proven expertise with in-house technology such as DDoS Intelligence. DDoS Intelligence is a system that analyses the information sent from C&C servers to botnets, and aims to improve protection against DDoS attacks. Kaspersky Lab’s statistics on botnet activity in Q1 was prepared based on the data collected by DDoS Intelligence.


The complete text outlining the statistics is available at Securelist.com. To learn more about the principles behind Kaspersky DDoS Protection, read this document.

About Kaspersky Lab

Kaspersky LabKaspersky Lab is the world’s largest privately held vendor of endpoint protection solutions. The company is ranked among the world’s top four vendors of security solutions for endpoint users*. Throughout its more than 17-year history Kaspersky Lab has remained an innovator in IT security and provides effective digital security solutions for large enterprises, SMBs and consumers. Kaspersky Lab, with its holding company registered in the United Kingdom, currently operates in almost 200 countries and territories across the globe, providing protection for over 400 million users worldwide. For more information visit www.kaspersky.co.uk.

Notify of
0 Expert Comments
Inline Feedbacks
View all comments

Recent Posts

Would love your thoughts, please comment.x