http://www.prolexic.com | Recent years have marked a significant rise in distributed denial of service (DDoS) activity from Asia with targets within the region and around the world. Prolexic has observed malicious actors compromising Chinese and other Asian IT resources and using them as command and control (CnC, CC or C2) and zombies in DDoS botnets. In fact, in Q4 2013, six the top ten source countries for DDoS activity were in Asia. Learn more about the Asian DDoS threat in this short presentation.

1. The Asian DDoS Threat
Q4 2013 Global DDoS Attack Report
www.prolexic.com

2. Asia leads the list of source countries for DDoS
attacks
• Six of the top 10 source countries for DDoS attacks are
in Asia
–
–
–
–
–
–
China
Thailand
Korea
India
Turkey
Saudi Arabia
• 19 percent of DDoS traffic came from China in Q4
2013
• The percentage of DDoS attack traffic originating in
Asia increased steadily in 2013
www.prolexic.com

3. Asia has become a hub for internet crime
• Opportunities created by economic growth
– Expanded use of the Internet
– Data center resources
• Regions with fast technological growth are
susceptible to:
– Lack of oversight
– Lack of management for large server farms
– Lax security
• Result: Significant vulnerabilities that can be
exploited by malicious actors
www.prolexic.com

4. The vast number of Internet users in Asia
contributes to the DDoS threat
www.prolexic.com

5. The Chinese government strategy fuels growth
• The Chinese government has promoted Internet
adoption
• Aggressive policy of building IT infrastructure
• Types of services:
–
–
–
–
–
Co-location
Hosting
Disaster recovery and backup
Managed services
Infrastructure-as-a-Service (IaaS), Platform-as-a-Service
(PaaS) and Software-as-a-Service (SaaS)
www.prolexic.com

6. The Chinese IT infrastructure poses a global
risk
• Huge number of devices
• Dominant OS is Windows XP, but Microsoft will stop
supporting XP in 2014
• The software piracy rate in China of 80 percent
• Pirated software is rarely updated or patched
• China is estimated to have the highest rate of computer
infections of any country
• DDoS botnets are often built from infected devices
• Prolexic has observed Chinese DDoS toolkits
• Much of the country’s IT infrastructure is state-owned
• The Chinese state may itself launch DDoS attacks
www.prolexic.com

7. Mobile usage outstrips desktops
• China has more than 400 million mobile users
• Mobile Internet usage has surpassed the desktop
• There are strong indications that these devices
also have high infection rates
• There were an estimated 162,000 mobile malware
programs in China
• Mobile devices participate in DDoS attacks
• Prolexic anticipates an increasing role for mobile
devices in DDoS campaigns
www.prolexic.com

8. Global distribution of CHARGEN DDoS attack
IPs shows a cluster in China
www.prolexic.com

9. Prolexic Q4 2013 Global Attack Report
• Download the Q4 2013 Global Attack Report for:
–
–
–
–
More details about the DDoS threat from Asia
Asian hacktivism
Asian DDoS toolkits
Global DDoS attack trends
•
•
•
•
Year-over-year and quarter-by-quarter comparisons
Types of attacks used
Network protocols at risk for abuse by attackers
Industries targeted
– Details about real attacks mitigated by Prolexic
www.prolexic.com

10. About Prolexic
• Prolexic Technologies is the world’s largest and
most trusted provider of DDoS protection and
mitigation services
• Prolexic has successfully stopped DDoS attacks for
more than a decade
• Our global DDoS mitigation network and 24/7
security operations center (SOC) can stop even the
largest attacks that exceed the capabilities of other
DDoS mitigation service providers
www.prolexic.com