According to a research carried out by Symantec, Turkey has taken the leading position in terms of highest botnet population in EMEA (Europe, the Middle East and Africa), with Istanbul and Ankara having the highest and second highest botnet controlled devices. Italy comes second with Rome, and Hungary is next with cities Budapest and Szeged.
Here is the full list:
This map reveals which countries and cities unwittingly played host to the most bot-infected devices, such as PCs, Macs, smartphones, tablets and connected home devices, across Europe, the Middle East and Africa (EMEA) in 2015.
Why EMEA?
This region appears to be the most appealing target for attackers. On one hand, this is due to the recent increase in high-speed internet and connected devices seen in these countries. On the other hand, security awareness and education may not be sufficient enough and hence, the intensity of attacks is also increasing.
The remote control of these devices enables malicious hackers to perform a range of malicious activities:
- Sending spam messages;
- Click-fraud attacks for the purpose of pay-per-click schemes;
- Launching DDoS attacks.
The basic lack of security in multiple connected home devices such as routers, modems, sensors is often triggered by the fact that the devices are likely not monitored or updated by both the manufacturer and the user.
Top Countries for Bot Density
Hungary is the number one country for bot density, or the proportion of bot infections compared to the country’s overall Internet connected population. This also means that users in Hungary have a one in 393 chance of using a device which has been “acquired” by a botnet.
The principality of Monaco is where users are prone to the second largest chance of botnet-controlled devices. There’s a one in 457 possibility of running a zombie device used for cyberattacks and malicious schemes.
An important remark here is that the location of the bot doesn’t provide any information of where the hacker really is or where the attack may occur. This is mostly because of the anonymity the dark net caters for cybercriminals and their botnets.
Paul Wood, head of cybersecurity research at Symantec, has added that:
Botnets are global in nature, and an infected device in Europe could contribute to an attack in Asia, controlled by a cybercriminal in North America. We’d probably have bots attacking from the Antarctic if there was more bandwidth there.