Introduction | EMEA Malicious Activity by Geography | Attack Origin by Country | Top Malicious Code Samples
Attack Origin by Country
BackgroundThis metric assesses the top global countries from which attacks originated that targeted the EMEA region in 2011. Note that, because the attacking computer could be controlled remotely, the attacker may be in a different location than the computer being used to mount the attack. For example, an attacker physically located in the United States could launch an attack from a compromised system in Germany against a network in the United Kingdom.
MethodologyThis section measures the top originating countries of attacks that targeted computers in EMEA in 2011. A network attack is generally considered any malicious activity carried out over a network that has been detected by an intrusion detection system (IDS), intrusion prevention system (IPS), or firewall.
Figure E.8 Top attacks by country in EMEA, 2011 Source: Symantec
- The United States continues to dominate attacks on EMEA: In 2011, the United States was the top country of origin for attacks against EMEA targets, accounting for 35.6% of all attacks detected by Symantec sensors in the region. This is the approximately the same percentage as in 2010 and 2009, when the United States also ranked in first position.
- This result is likely due to the high level of attack activity originating in the United States generally, as it was also the top country for originating Web-attacks globally, with 16.9% of the total. It also ranked second position globally as a source for network attacks, with 33.5% of network attacks originating in the United States.
- Moreover, the United States ranked first for overall global malicious activity, with 21.1% of the overall total. The United States also ranked first globally for bot-infected computers (12.6%) and in second position for malicious code (13.3%); much of the attack activity targeting EMEA countries would have been conducted through these malicious bot networks.
- Attacks from China also increased by 7.1 percentage points in 2011,this is owing to a general increase in the number of network attacks originating from China.
- Attacks from Japan, Switzerland, Italy and Spain increased against targets in the EMEA region. These countries did not feature in the top-ten source of attacks in the previous year.