To reduce cyber risks, businesses need to mechanically monitor what’s leaving their networks as well as what’s coming into them. Blame the prevalence of botnets.
Hackers create malware-carrying programs called bots and sneak them into computer networks by email or other means to help do their dirty work. Networks of infected computers are known as botnets. Hackers can control the infected computers without the knowledge of the owners, and use the botnets for devious purposes, such as conducting DDoS attacks.
DDoS is short for Distributed Denial of Service. In a DDoS attack, a targeted service on a computer network can be slowed or overwhelmed with malicious electronic traffic. If a company isn’t using a firewall to monitor outgoing computer traffic for indications of problems, the business might not even realize that its network has been infected.
“The consistent prevalence of botnets reminds us monitoring what’s going out of your network is just as important as what’s coming in. Protecting your network takes a combination of cybersecurity tools and good intelligence,” according to the SDN Communications’ Cyber Threat Landscape Cybersecurity Intelligence Report for the second quarter of 2017.
SDN launched the free, quarterly Cybersecurity Intelligence Report earlier in 2017 to help businesses and organizations in the Sioux Falls region stay informed and up to date on the cyber threat environment.
The second-quarter report includes some interesting and concerning data gathered from SDN’s Managed DDoS Protection and Managed Firewall services. The report covers cyber activity between April 1 and June 30. Key findings for the three-month period include:
- There were 565 DDoS attacks on SDN clients during the quarter. That’s about six a day.
- Total DDoS attacks increased by 3.9 percent from the first quarter.
- The size of the average DDoS attack also increased, rising 4.9 percent from the first quarter to the second quarter to 1.33 gigabits per second. That’s more than enough to take most organizations offline.
- The average attack was 41 minutes long, which is considered unusually long.
Data collected from managed firewalls is also eye-opening.
SDN’s Managed Firewall service stopped more than 100,000 viruses and other infections during the second quarter of the year. To be specific, firewall screening stopped:
- 44,458 viruses
- 44,511 malware infections
- 14,649 botnet infections
- 101 spyware plantings
A whopping 48 percent of all traffic coming into networks was flagged as malicious or as spam and was filtered out.
“Last quarter was dominated by botnets. This quarter we are seeing more diversity in the malicious traffic being identified and filtered,” according to the Cybersecurity Intelligence Report.
“The challenge facing cybersecurity leaders and professionals certainly isn’t lessening. Cybersecurity experts must be vigilant, aware and thorough in their use of layered security,” the report concludes, in part.
SDN experts stress the importance of businesses taking a multi-layered approach in protecting connected devices and networks. That starts with establishing good company policy and providing good, ongoing training to employees.
Layering protection also means protecting a business network from its edges to every workstation.
Hackers have the tools to help locate weak spots in a network, and when they find one, an entire network can fall into jeopardy. Viruses and other malware often attack vulnerabilities in software and outdated equipment. However, hackers exploit human weaknesses, too.
SDN’s Cyber Threat Landscape reports are tools that can help businesses and other organizations develop and maintain an effective cybersecurity strategy.
Visit the Cyber Threat Landscape Report Archive for full access to all of our reports.