SecureWorks, a "Security-as-a-Service" provider, says its analysis has revealed that the US ranks at the top of the list for the number of attacks made on other computers on the internet. With 20.6 million attacks attempted from within its own borders, it has a huge lead over China, the runner-up with only 7.7 million such attempts.
SecureWorks concludes from this result that the USA and China have a lot of vulnerable computers, and that entire university networks in China are already held by local hackers, who use them to build extensive botnets. It adds that many computers in schools, data centres and companies are also infected, apparently without anyone having noticed. Reportedly, hackers are frequently assisted by insiders who have direct access to the affected networks. It appears that Japanese and Polish hackers have similar tastes when selecting vulnerable computers, and have compromised computers in their own countries in order to misuse them for attacks on other computers.
SecureWorks says its results show, among other things, that merely setting a firewall to bar the IP address ranges of foreign countries does not give effective protection against attacks. It says it has observed 166,987 attacks on its own clients' computers from Brazil, 162,289 from South Korea, 153,205 from Poland, and 110,493 from Germany.
In addition to virus scanners and regular updates, the defensive measures recommended by SecureWorks include the use of blacklists to prevent communications with networks known to be malicious.