US Hosts Most Botnets Around the Globe

Level 3 communications, a telecom giant confirmed that the largest source of command and control (C&C) botnet traffic in the world was the United States, accounting to nearly 20% of the total botnet traffic in the world. IT’s due to the “proximity to valuable targets at home and abroad,” that the US figured as the largest source of botnet traffic, according to Level 3. Additionally, internet infrastructure that’s advanced and easy to use also helped botnets have such a significant presence.

Safeguarding the Internet

The research report titled ‘Safeguarding the Internet’ tracked and studied a 1000 C&C servers over the first quarter of 2015. The report also revealed that:

  • More than 600 of the 1000 servers studied were being used to target corporate players through malicious communication.
  • The Ukraine came second after the US.
  • Russia figured in 3rd place in the global list.
  • The average number of hosts per botnet command and control is 1700.
  • Surprisingly, the Netherlands was the first among countries in continental Europe.

A similar advanced and robust infrastructure and an ideal location makes it an ideal location to initiate base attacks, noted Level 3.

Highlighting the above countries, Level 3 added:

“Unusual communications to these countries should be automatic red flags for IT and security organizations. A review of whether servers should be communicating, authenticating or transferring data with endpoints in certain high-risk countries can be a predictor of potential threats to your environment or an indicator of a potential compromise.”

The numbers which show the countries at the receiving end of most botnet attacks make for interesting reading.

  • Norway is at the very top of the target list, bearing the brunt of nearly 22% of botnet attacks.
  • The United States came second.
  • Spain also figured to round up the top three.

Similarly, actual victims in numbers as end-users, or unique IP addresses showed that:

  • China was the worst hit, with 532,000 victims in the space of a single quarter.
  • The US came second, with nearly 528,000.
  • Norway came third, with 213,000 victims.

Level 3 communications also revealed that the volume of victims per command and control botnet attack declined over the course of the quarter. Numbers revealed that January showed a high of 3763, down to 338 in March.

The report also showed that prices and costs for hiring botnets have been aggressively rising from an average of $20 in 2013 to nearly $190 a month in the US today. Significantly and alarmingly, nearly 1 out of every 4 botnets also perform multiple functions.

The report in full can be downloaded here.