Using data collected from a community based log correlation system that collects data from sensors covering more than 500,000 IP addresses in over 50 countries, the NCC Group was able to plot its latest report on the origination of computer hacking attempts for the first quarter of 2012.
The United States is the leading country for hacking attempts, followed by China with Russia coming in third. For the first time, the UK made an appearance in the top ten.
The stats, based on intrusion detection logs monitored by DSHield, a community-based collaborative firewall log correlation system that receives logs from volunteers world wide and uses them to analyze attack trends, count unauthorized attempts to networks, and don’t actually represent “successful” hacks or intrusions.
The results, however, have one caveat, which is while the statistics show the source of attacks, these attempts can easily route through IP addresses in different countries, making sources misrepresented. The results, then, are just and indicator of where the strongest level of attacks come from.
Overall, NCC noted the top ten changed significantly since its previous report three months ago. Italy, France and India dropped of the top ten, while the Ukraine in 5th, South Korea in 9th and the UK worked their way onto the list.
Additionally, Russia showed a large increase, with over 12% of global hacks originating from the country. Notably, there was also a rise in hacks appearing to originate from the Netherlands, up from 3.1% to over 11%, moving it into 4th place.
“Cyber crime is perpetually evolving — the dramatic increase of hacks from certain countries over a three-month period just goes to show the fluidity and quick-changing nature of the issue,” said Rob Cotton, NCC Group’s chief executive. “Because cyber crime develops and alters on a daily basis, so too must the counter-measures. We need greater agility and collaboration on an international scale.”