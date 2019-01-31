|
|[October 18, 2018]
|
New Report from NSFOCUS Analyzes 27 Million Attacks in H1 Cybersecurity Insights Report
NSFOCUS,
a leader in holistic hybrid security solutions, today released its H1
Cybersecurity Insights report, which highlights the observations of
the NSFOCUS
Threat Intelligence center, a security research organization created
by NSFOCUS for implementing an intelligent security 2.0 strategy and
improving the cybersecurity ecosystem. NSFOCUS analyzed traffic from
January 1, 2018 to June 30, 2018.
Key findings from the H1 Cybersecurity Insights report include:
Crypto Miners
-
Since the end of March, the number of crypto mining activities has
risen sharply compared to the beginning of 2018.
-
Among all crypto miners, WannaMine was the most active, responsible
for more than 70 percent of all detected crypto mining activities
detected by NSFOCUS.
Recidivist Attackers
-
Among more than 27 million attack sources detected by NSFOCUS in the
first half of 2018, 25 percent were responsible for 40 percent of
attack events. This implies that "recidivists" (attack sources found
to be repeatedly linked with malicious behaviors) are more threatening
than other attack sources.
-
The large proportion of recidivists indicates that it is a common
practice among attackers to reuse attack resources. China, the USA,
and Russia are home to the most "recidivists."
-
Government agencies, energy, education, and finance sectors are most
favored targets, suffering 90 percent of recidivist attacks, due to
the large volume of business, extensive distribution, and more
sensitive data.
IoT Impact on Attack Types
-
During the first six months of 2018, there were fewer new Trojan
variants than botnets and worms. This is linked with the proliferation
of networked hosts and IoT devices in part due to the reduction of
hardware costs. Due to the high activity of backdoor programs, evice
and network administrators need to upgrade devices and check their
configurations regularly.
-
Backdoor activity remained at high levels and then peaked in May at
6,000,000 before falling to more nominal levels. Backdoors are common
malicious programs that can provide remote control access solely
through default login interfaces of IoT devices.
DDoS Traffic
-
DDoS attack traffic drops sharply when the government exercises
security governance during substantial events both physical and cyber.
In the first half of 2018, the amount of DDoS traffic seen in the
network environments in China is somewhat suppressed due to the
government's traffic governance for major events.
-
61 percent of DDoS attack sources have launched only DDoS attacks over
a long period of time. Common DDoS attack resources include reflectors
and controlled hosts or devices, whose IP addresses or IP address
ranges are relatively fixed. However, about 9 percent of DDoS attack
sources launch exploit attacks later.
"Looking ahead to the rest of 2018, vulnerabilities will continue to be
discovered each and every day and the need to exploit those found will
always be present. We've noticed that attackers prefer to reuse tactics
and exploits, so patching regularly is critical for IT professionals,"
said Guy Rosefelt, Director, Threat Intelligence & Web Security,
NSFOCUS. "We also believe DDoS traffic will remain a great scourge on
the Internet. Arguably, most hackers are capable of causing enormous
amounts of traffic and their capability is increasing, which will
continue to be a great challenge to defenders and security governance
personnel."
To download a copy of the H1 Cybersecurity Insights report, please visit https://nsfocusglobal.com/2018-h1-cybersecurity-insights/.
About NSFOCUS, Inc.
NSFOCUS, Inc., a global network and cyber security leader, protects
enterprises and carriers from advanced cyber attacks. The company's
Intelligent Hybrid Security strategy utilizes both cloud and on-premises
security platforms, built on a foundation of real-time global threat
intelligence, to provide multi-layered, unified and dynamic protection
against advanced cyber attacks.
NSFOCUS works with Fortune Global 500 companies, including four of the
world's five largest financial institutions, organizations in insurance,
retail, healthcare, critical infrastructure industries as well as
government agencies. NSFOCUS has technology and channel partners in more
than 60 countries, a member of the Microsoft (News - Alert) Active Protections Program
(MAPP), StopBadware.org, and the Cloud Security Alliance (CSA).
A wholly owned subsidiary of NSFOCUS Information Technology Co. Ltd.,
the company has operations in the Americas, Europe, the Middle East and
Asia Pacific.
Visit the website: www.nsfocusglobal.com
Read
the blog: http://nsfocusglobal.com/category/blog/
Follow
on Twitter (News - Alert): https://twitter.com/NSFOCUS_Intl
Follow
on LinkedIn (News - Alert): https://www.linkedin.com/company/nsfocus
Follow
on Facebook (News - Alert): https://www.facebook.com/nsfocus/
NSFOCUS; NSFOCUS, INC. and NSFOCUS Anti-DDoS System (ADS) are trademarks
or registered trademarks of NSFOCUS, Inc. All other names and trademarks
are property of their respective firms.
View source version on businesswire.com: https://www.businesswire.com/news/home/20181018005229/en/
[ Back To TMCnet.com's Homepage ]