State of the Internet
Den 31:a Januari släppte Akamai en rapport över säkerheten på dagens internet, och rapporten är ganska bister. Jörgen Städje, IT-expert och skribent på IDG.se har förståelse för FRA, och varför det behövs i dagens hårda IT-klimat. Det har varit hårda attacker de senaste två åren, och de kriminella organisationerna blir bara effektivare, då det hela tiden blir mer för dom att roffa åt sig. Attackerna mot Estland, år 2007 är ett ganska bra exempel, där en okänd makt nästan sänkte hela nätet i landet. Man har dock spårat vissa IP-adresser till Ryssland. Stuxnet är en annan elakartad kod, en specialskriven mask som kan förstöra urancentrifuger. Ett mer lokalt exempel är bedragarna som nu ringer runt och uppger sig vara från Microsoft, och vill koppla upp sig mot din dator. Desto mer uppkopplade vi blir, desto mer utsatta blir vi för sådan verksamhet, vilket är lite oroande som det ser ut idag.
Världens myndigheter håller redan på att rusta upp sig för cyberkrig, och anställer duktiga knackare som ska skydda sitt land i cyberspace. USA, krigspionjärer som de är, kommer att i framtiden betrakta cyberattacker som vilken krigshandling som helst. Man kan säga att nästa kalla krig står runt hörnet.
Rapporten från i Januari är inklistrad nedan. Jörgens krönika är här.
CAMBRIDGE, MA – January 31, 2012 – Akamai Technologies, Inc. (NASDAQ: AKAM), the leading cloud platform for helping enterprises provide secure, high-performing user experiences on any device, anywhere, today released its Third Quarter, 2011 State of the Internet report, based on data gathered from the Akamai Intelligent Platform™. The report provides insight into key global statistics such as Internet penetration, mobile traffic and data consumption, global and regional connection speeds, and observed attack traffic.
Akamai has recorded a 2000 percent increase in the number of DDoS attack incidents it has investigated on behalf of customers over the last three years. Additionally, observations by Akamai indicate that port-based attacks are still prevalent and being launched from around the globe. While the origin of this observed attack traffic could be individuals searching for easily compromised systems or botnets looking to recruit new participants, the observations indicate an ongoing need for solid network and systems hygiene to help prevent further system compromise and infection. The growing sophistication and intensity of Web-based attacks and the ongoing prevalence of port-based attacks highlight both the importance of online security, and the need for a defense-in-depth strategy.
Attack Traffic from Asia
During the third quarter of 2011, attack traffic originated from 195 unique countries or regions, up from 192 in the second quarter. In examining the continental distribution of observed attack traffic in the third quarter, we uncovered that slightly more than 49 percent originated in the Asia Pacific/Oceania region, up from 47 percent last quarter. Indonesia vaulted to the top of the list this quarter, generating 14 percent of observed attack traffic. Taiwan and China held the second and third place spots, respectively, accounting for just under 20 percent of observed attack traffic combined. Myanmar, which suddenly appeared at the top of the list in the prior two quarters, disappeared just as suddenly, potentially indicating that attack traffic has either been shut down, or is now coming from other places. With Myanmar dropping out of the top 10 list, South Korea moved in. The country more than tripled its observed level of attack traffic, representing 3.8 percent in the third quarter. In addition to South Korea and Indonesia, Taiwan, China, India, and Egypt were all responsible for higher percentages of attack traffic as compared to the prior quarter. Attack traffic originating in Europe was down slightly to 28 percent; North & South America accounted for nearly 19 percent; and the remaining 4 percent came from Africa.
Top Ports for Attack Traffic
Attack traffic concentration declined slightly from the second quarter, with the top 10 ports seeing 68 percent of observed attack traffic. Attacks targeting Port 80 (WWW/HTTP) dropped by about a third as compared to the second quarter, while attacks targeting Port 23 (Telnet) grew by almost the same amount. The growth in attacks targeting Port 23 is likely due to attacks apparently sourced in Egypt and South Korea – in Egypt there were over 18x as many attacks targeting Port 23, and in South Korea, nearly 4x as many attacks as the next most targeted port, which was Port 445 in both countries.
Reviewing observed attack traffic from known mobile networks, overall attack traffic concentration declined from the prior quarter, with the top 10 countries generating 76 percent of observed attacks. The list of top ports targeted remained consistent with the second quarter, with Port 445 remaining the target of an overwhelming majority of observed attacks as compared to the other ports in the top 10.
[b]Additional highlights from the report include:[/b]
Internet and Broadband Adoption
In the current report, the global average connection speed was recorded at 2.7 Mbps, and the global average peak connection speed was 11.7 Mbps. At a country level, South Korea had the highest average connection speed, at 16.7 Mbps, as well as the highest average peak connection speed, at 46.8 Mbps. Cities in Japan and South Korea continued to hold many of the top spots for highest peak connection speeds. Globally, high broadband (>5 Mbps) adoption grew to 29 percent with South Korea leading at 79 percent. Global broadband (>2 Mbps) adoption increased to 66 percent, with Bulgaria continuing to have the highest level of broadband adoption, at 96 percent. Global narrowband (<256 kbps) adoption continued to decline, dropping to 2.5 percent. Libya’s 55 percent narrowband adoption rate placed it as the country with the highest level of connections in this speed range.
In the third quarter, more than 615 million unique IPv4 addresses from 239 countries/regions connected to the Akamai platform – 1.8 percent more than the second quarter, and 15 percent more than in the third quarter of 2010. Nearly 200 countries/regions saw year-over-year growth, with Brazil, Italy, and China all experiencing growth of 25 percent or more.
As more end-user networks roll out native IPv6 connectivity to their subscribers, and as more and more popular content is made available over IPv6, the number of unique IPv4 addresses making requests to Akamai from a given network provider may decline. Over the long-term, we expect measurements to show movement of unique addresses from IPv4-based to IPv6-based.
Mobile Connectivity
Average connection speeds on known mobile providers ranged from 6.1 Mbps down to 327 kbps, while average peak connection speeds in the quarter ranged from 22.2 Mbps to 1.4 Mbps. Looking at mobile content consumption, users on nine mobile providers consumed on average more than one gigabyte (1 GB) of content from Akamai per month, while users on an additional 75 mobile providers downloaded more than 100 MB of content per month. In addition, based on data collected by Ericsson, mobile data traffic continued to double on a year-over-year basis, and grew 18 percent between the second and third quarters of 2011.
100 Fastest Cities Worldwide
In the third quarter of 2011, analysis of the top 100 fastest cities around the world, based on average connection speeds, reflected the following:
Cities in Asia continue to dominate the list, including South Korean cities rounding out the top 5 and 57 cities in Japan making the list
Amsterdam, Netherlands is the fastest city in Europe (#33 out of 100)
23 U.S. cities made the list, with San Jose, CA ranking as the fastest (#13 out of 100)
"USA, krigspionjärer som de är, kommer att i framtiden betrakta cyberattacker som vilken krigshandling som helst. Man kan säga att nästa kalla krig står runt hörnet."
Ironiskt då att det är USA samt Israel som pekas ut för att ha skapat Stuxnet.
Burn in the light.