If your website does not serve or sell to these countries and has nothing to do with them, and in addition to these, if you are constantly getting bot attacks from these countries, here are the countries to block (even if ASN based block is not enough) in Cloudflare WAF:
- China (allowing Baidu)
- Russian Federation (allowing YandexBot)
- Iran
- Iraq
- Ukraine
- Syria
- Romania
- India
- Pakistan
- Afghanistan
- Bangladesh
- Indonesia
- Taiwan
- Singapore
- Egypt
- Nepal
- Vietnam
- Venezuela
- Malaysia
- Thailand
- Hong Kong
- Algeria
- Japan
- Estonia
- Brasil
- Ukraine
- Philippines
- Latvia
- Lebanon
- North Korea
- Turkey
Block any countries you don’t plan on doing business with.
Cloudflare rule: (ip.geoip.country in {“AF” “BD” “CN” “EE” “HK” “IN” “ID” “IR” “IQ” “JP” “KP” “LB” “NP” “PK” “SG” “SD” “SY” “TW” “VE” “VN” “LV”} and not cf.client.bot)
Which Countries Are Cyber Attacks The Most?
| 1. | China | 41 percent (of the world’s attack traffic) |
| 2. | U.S. | 10 percent |
| 3. | Turkey | 4.7 percent |
| 4. | Russia | 4.3 percent |
| 5. | Taiwan | 3.7 percent |
| 6. | Brazil | 3.3 percent |
| 7. | Romania | 2.8 percent |
| 8. | India | 2.3 percent |
| 9. | Italy | 1.6 percent |
| 10. | Hungary | 1.4 percent |
Does Geo Blocking Work?
One may say that limiting traffic from one area has been successful. Attacks can still be launched by attackers who live on such islands. A hacker who has worked with complex systems will be more adept at routing requests to the correct recipients.
How Does Geo Ip Blocking Work?
URL filtering, a technique that protects websites by obstructing online traffic from any specific nation, is a powerful tool for thwarting hackers. based on IP addresses that have a geographic origin, therefore network connections are restricted according to that area.
Which nations ought to be blocked by your firewall?
The top 10 countries at the start of cyberthreats include Brazil, China, Germany, Iran, Italy, Netherlands, Russia, Thailand, Ukraine, and Viet Nam. Threat levels for the aforementioned nations have not been ranked alphabetically.
Traffic to and from a specific area is blocked by geo-IP filtering. Which countries you choose to exclude from your search will depend on your security objectives. You can obtain these lists, for instance, if you want to block nations based on which ones are the least developed (third-world countries): https://www.nationsonline.org/oneworld/third_world.htm
There are various forms of attackers, including undetected attacks by worms or robots.
In order to discover an open system to attack, they frequently scan millions of IP addresses for a few known flaws.
Following infection, the target will become part of a botnet.
There may be additional attack types where the criminal element is more prominent.
This is perhaps where skilled hackers unite and establish a group.
Gangs of professional cybercriminals
Then, target huge corporations on a professional level with the intention of breaking in and stealing data.
Then they will demand a large ransom to keep the information from being made public.
Every year, businesses, the public sector, including governments, and hospitals lose billions of dollars due to ransomware attacks.
To prevent ransomware attacks, it is advised to start implementing effective anti-hacker procedures.
1 -Russia
From here, we frequently witness professional hacker gangs pursuing victims and then engaging in blackmail.
They have been charged with providing a safe haven for ransomware gangs as long as they are not hacking into the personal data of citizens in their own nation.
2 – China
China is the source of several automatic robot worms that expand botnets by adding victims.
3 – Turkey
Here, we may observe the expansion of professional hacker gangs. To swiftly attack a victim and take data, they focus primarily on SQL Injection vulnerabilities.
4 – Brazil
Botnet activities and automated checks from Brazil.
5 – Bangladesh
Low Level Vulnerabilities Scanners.
6 – Pakistan
Scanners for Common Vulnerabilities in the Lower Medium Risk Category, which Most Victims Have.
7 – India
Additionally to hacking operations, there are a lot of call center scams. when people are called and conned into donating money.
8 – Nepal
From where many botnet activities originate.
9 – Romania
Romanian hacking gangs are well-known. even a television program called Hackerville about it aired on HBO in 2018.
10 – Afghanistan
Increased botnet activity.
July 2022 Update By Spamhaus.com
TOP 10 WORST BOTNET COUNTRIES▲
| 1 | China | 889975 |
|---|---|---|
| 2 | India | 448001 |
| 3 | United States of America | 402585 |
| 4 | Indonesia | 181004 |
| 5 | Thailand | 170714 |
| 6 | Egypt | 144981 |
| 7 | Algeria | 119365 |
| 8 | Viet Nam | 105215 |
| 9 | Brazil | 103710 |
| 10 | Pakistan | 76922 |
TOP 10 WORST BOTNET ISPS▲
| 1 | amazon.com | 310704 |
|---|---|---|
| 2 | airtel.in | 256673 |
| 3 | djaweb.dz | 129748 |
| 4 | chinanet-js | 124803 |
| 5 | telkom.net.id | 111377 |
| 6 | chinanet-ah | 83705 |
| 7 | unicom-ln | 69198 |
| 8 | tot.co.th | 62414 |
| 9 | chinanet-fj | 61977 |
| 10 | chinamobile.com | 55351 |
