> Upon closer inspection of Asia, we can notice a significant number of addresses located in South Kora, (and possibly North Korea?), as well as in Taiwan.
> I was surpised to see that the distribution of attacks is extremely uneven with most of it concentrated in parts of Asia, Europe, and the US, and (almost) none from South America, Middle East, and Russia.
Aside from the casual stereotyping of bad actors here, the article completely neglects the fact that just because the attack is sourced from a certain IP/geolocation doesn't mean that the attacker resides in that location.
What you most likely have is a listed of pwned PCs with fast internet connections being used in botnets.
Not seeing how this is stereotyping. He is just presenting his results. Whether those results stem from direct attacks or botnets? He doesn't even speculate.
When I ran public servers a few years ago, I saw similar results. Since the company had no customers in Asia, we IP-blocked the entire continent.
I found the information about the attackers’ quite interesting, because it also seems to disagree with Cloudflare data and my personal experience[1] which shows the US to be the largest originator of attacks.
> I was surpised to see that the distribution of attacks is extremely uneven with most of it concentrated in parts of Asia, Europe, and the US, and (almost) none from South America, Middle East, and Russia.
Aside from the casual stereotyping of bad actors here, the article completely neglects the fact that just because the attack is sourced from a certain IP/geolocation doesn't mean that the attacker resides in that location.
What you most likely have is a listed of pwned PCs with fast internet connections being used in botnets.