GO
Loading...

China originates 35% of 'nuclear bomb' cyber attacks

Over a third of cyber-attacks come from China, according to U.S.-based content delivery network Akamai Technologies, with the nation once again topping the global charts for hacking.

The report uses measurements from monitoring systems – which it calls "unadvertised agents" -- deployed across the internet which log connection attempts. Akamai then assesses whether these attempts are "attack traffic".

In the third quarter of 2013, China originated 35 percent of these attacks, Akamai said, up from 33 percent in the previous quarter. China overtook Indonesia, who had taken a surprise lead in the second quarter and since fallen back to second place with 20 percent of attack traffic. The U.S. was in third, ahead of Taiwan and Russia. Akamai state that It is important to note that the originating country as identified by an IP (internet protocol) address may not represent the nation in which an attacker resides.

(Read More: Alibaba's growth slows for Yahoo, IPO buzz builds)

"Overall, the concentration of attacks declined during the third quarter of 2013, with the top 10 countries originating 83 percent of observed attacks, compared to 89 percent in the second quarter. China and Indonesia, however, continued to originate more than half of all observed attack traffic," the report, released on Tuesday, said.

Akamai it saw more attacks through the third quarter of 2013 (807 attacks) than it did in all of 2012 (768 attacks).

Zmeel Photography | E+ | Getty Images

China has on many occasions been accused of being a haven for hacking activity. A report by the cyber security company Mandiant on February 19 identified a unit of the 2nd Bureau of the People's Liberation Army (PLA) as being the most likely culprit in hacking attacks on a wide range of industries.

Chinese officials have stringently denied the accusations. At a press conference in Beijing back in April, General Fang Fenghui of the PLA said that the activities were not tolerated in China and that the country itself suffers from the attacks.

"As the Internet is increasingly used, as the Internet is getting access into more and more important terminals, if the security of the Internet cannot be guaranteed, then I may not – I cannot exaggerate the importance of the Internet. The damaging consequences being caused may not—may be as serious as a nuclear bomb," he said, according to a transcript of the speech on the Joint Chiefs of Staff website.

Akamai - whose clients include Yahoo and Microsoft - also reported that distributed denial-of-service attacks (DDoS) saw a slight decrease. This form of hacking attack is akin to reloading a web page at a constant and prolonged rate which slows and disrupts web traffic. It was believed to be behind the attacks on bitcoin exchanges last April where DDoS attacks were used to spread panic and drive down the price of the virtual currency.

(Read More: China Internet outage could have been hacking attack)

For the first time since the fourth quarter of 2012, fewer DDoS attacks were reported than the previous quarter, it said, with 281 observed in the third quarter of 2013 compared to 318 during the second quarter.

"During the quarter, 27 customers were attacked for a second time; five reported three attacks; and seven companies were attacked more than three times. Initial analysis of the data indicates that if a company is the target of a DDoS attack, there is a 25 percent chance that it could be attacked again within three months," the report said.

Raj Samani, the chief technology officer of McAfee EMEA disputes the accuracy of the data, suggesting that identifying the geographical source of any given attack requires more than analyzing the source IP address.

"Many of the most high profile attacks have leveraged compromised systems across the globe in an effort to hide the true source of the attack," he told CNBC via email.

"Another way to look at the data is, what countries are the most attractive to make the attack appear to originate from? The motivation is of course very simple when international law enforcement confirm that cyber criminals can effectively carry on with impunity if they choose the right jurisdictions from which to carry out their attacks."

By CNBC.com's Matt Clinch. Follow him on Twitter @mattclinch81

Latest Special Reports