Malware reports have come most often from the United States, with many targeted financial and governmental organizations based in the country. But the US is also a huge contributor - malicious IPs originate here more often than in any other country except China.

The United States, a top source and target of malware


Malware has become a threat to infrastructure, businesses and personal security all over the globe - basically any country with electricity and computers has reported cyber attacks since February of this year. But the United States has the unfortunate honor of being the top reporter of threat data and the second most common country to host malicious IP addresses. The US reported 852 incidents in a span of 5 months. The next country in line, Germany, reported 519 cases, and the distant third was Brazil with 67 cases. The US was beaten out by China in terms of hosting malicious sites - the most populous country in the world had 95,249 IPs, while the US had 60,346. South Korea, Russia and Taiwan trailed these two heavy hitters with about 16K, 13K and 12.5K, respectively.

Malware commonly propagates as common file types

These numbers come from the distributed participation of an international open-source community - the AlienVault Open Threat Exchange (OTX), which shares the forensics of the most recent cyberattacks. A sample of nearly 30 million entries turned up over 1 million malicious IPs. The OTX's users determined not only the originating and target countries of these attacks, but also other data that could help Internet users - individual and enterprise - be more aware of the file types and business categories most commonly associated with cyber threats. Malicious content is spread most often by .exe files, the most common program file for Windows OS, as well as HTML content, Zip or RAR compressed files, and PDF or Flash files.

And affects the country as a whole and individually

The threats to government, businesses and individuals are all clear when the attacks are categorized by targeted data - intellectual property, finances, personal privacy and industrial control systems are all singled out by malware. The companies and institutions that were affected include NASA, Nasdaq, RIAA, Sony, InfraGard, Citigroup, WordPress, Qwest Center and Strategic Forecasting, Inc. Several US state governments were victimized, along with those of several other countries. Hopefully, data made available by OTX and others can be used to raise awareness and promote change made possible by IP-originating crime.

By Ivory King