dstiles - 9:03 pm on Mar 28, 2013 (gmt 0)
My view on this is:
Chinese hits are very often broadband-based, hence either a local (small-scale) server or (more likely) part of a botnet - individually the bandwidth is low but lots of machines make it higher. This is a scenario not constrained to China but operating in all countries to a greater or lesser degree.
Why China? As with several under-capitalized and anti-capitalist societies, there are a lot of pirated copies of Windows in use. Pirated copies are not updateable through MS - they refuse access for updating (or at least used to - no current info). The result is a lot of very vulnerable operating systems which are easily compromised.
My hope is pinned, in China, on the Chinese version of Ubuntu they are supposed to be promoting. If the average person there runs Linux (which is free) there is a very much lower chance of those machines getting viruses - Linux is much more difficult to infect than either Windows, Mac or (e.g.) Android.
What I was posting about was the criminals themselves using AWS, G and lots of other clouds as Command & Control (C&C) servers but mostly about them being the hosting servers for web sites that serve up the viruses - botnets can't do that very well unless they include genuine high-bandwidth servers in their net to host the web sites (and where is the easiest place to get those now? Right...). The clouds are fair game: they are easy to install sites on to serve viruses and other compromising software.
Latest mention today is Evernote, which is being used to share C&C information around botnets and to then store the stolen data en route to the criminals' own system.
Given such use of clouds and the fact that before very long there will certainly be a report of a cloud data-breach, anyone for using a cloud to store their own data?
As an aside: Spamhaus has been hit by DDoS attacks three times greater than those directed at US banks. From China? Russia? Nope. From Cyberbunker in the Netherlands - another prime source of badness. Cyberbunker have a bad reputation for spamming as well as providing hosting for the infamous Russian Business Network.