In the "egg on the face" department this morning IBM had to retract an item made in their Global Business Security Index Report that 1.2 million cyber attacks originated in New Zealand. This would make Kiwis the per capita hacker kings! Evidently, IBM was using IP addresses to identify origins.
Note to those trying to determine sources of attacks:
1. IP addresses are not a good indicator of source. They can be moved. 2. IP addresses can be easily spoofed and usually are. 3. Phishing and other attacks are usually done from machines that the attacker has taken over. So, an IP address traceable to Bermuda tells you nothing about the location of the hacker.
I love the last quote from this article.
IBM's statement said the report was put together based on information provided by IBM's 3000 information security professionals. Its findings are widely reported overseas.
It reminds me of the time Sun released Java into the world and all of a sudden IBM had 1,000 Java Professionals.