Blocking Chinese IP Addresses
When deciding which countries to block from your network or website you need to consider several factors. The question may be answered easily by deciding to allow traffic originating from countries which you ship to or do business. Another factor to consider is where that country ranks for the amount outbound malicious internet activity. But this statistical ranking can be very misleading.
In 2012 the two countries with the highest overall percentage of malicious outbound traffic are the United States in first place and China in second. Currently the United States accounts for approximately 21% of malicious traffic while China accounts for nearly 15 percent. Does this mean traffic from the USA should be looked at with higher suspicion than China's? No it does not.
A more important factor than overall malicious traffic is the number of IP addresses assigned to each country.
The United States has 36% of the world's IP addresses but only 21% of global malicious outbound traffic. China has 7.7% of the IP addresses and 15% of the malicious outbound traffic globally. This means traffic originating from China has significantly higher odds of being malicious than traffic originating from the United States.
During the first quarter of 2012 our personal experience revealed China originated traffic was nearly 100% malicious, while traffic originating from the United States was 5.8% malicious. While these statistics are anecdotal, they are a huge factor to consider when deciding which countries to deny access to your networks and websites.
Our recommendation: If you are not doing business in China, shipping to China or have other reasons for communicating with IP addresses located in China, you should consider blocking networks assigned to China.