Three unsettling but inescapable realities jump from the pages of SDN Communications’ Cybersecurity Intelligence Report for 2017:
- The Sioux Falls region is by no means isolated from national attack methods, such as the one that successfully targeted Equifax and exposed the personal information of tens of millions of Americans.
- Cyberattacks keep getting bigger. The largest Distributed Denial of Service strike, or DDoS attack, in the region happened during the fourth quarter of the year.
- There is a lot of bad, suspicious and unwanted traffic moving on the internet. On a monthly basis, SDN Managed Firewall Service flagged and filtered out anywhere from about one-fourth to half of all traffic.
“The challenge facing cybersecurity leaders and professionals certainly isn’t lessening. Cybersecurity experts must be vigilant, aware and thorough in their use of layered security,” SDN security experts conclude, in part, in the newest report.
“Patch management needs to be a top priority for cybersecurity leaders and professionals. Updating systems routinely is a key component of staying safe and secure,” the experts advise.
SDN recently published its Cyber Threat Landscape Cybersecurity Intelligence Report for the fourth quarter of last year and for the full year of 2017.
In addition to a timely, general summary of the local threat landscape, SDN’s reports provide detailed information about, for example, common attack vectors and application security risks.
Hackers’ exploitation of a security vulnerability in Apache Struts web applications software was among the biggest cybersecurity events of the past year, nationally and internationally.
An attack on the vulnerability is what humiliated the Equifax credit-reporting service. Locally, SDN’s Managed Firewall Services detected 4,769 attempted attacks on the security flaw in March.
“What strikes me is how you can see a particular attack or threat vector jump on the national landscape and literally watch it make its way across the globe and show up in our threat landscape reports,” said Theron McChesney, Supervisor of Business Intelligence. “It’s clear the bad guys are rushing to exploit the latest weakness before systems can be patched.”
Clearly, businesses in the Sioux Falls region are not immune from attacks.
DDoS attacks also are common in the region. DDoS attacks are incidents in which attackers unleash volumes of malicious traffic to disrupt and at least temporarily disable a targeted computer network or program. Online gamers disrupting competitors are blamed for a lot of DDoS attacks, but criminals use them as a weapon, too.
Most DDoS attacks in the region in 2017 lasted less than 30 minutes. However, it isn’t uncommon for attackers to repeatedly start and stop attacks to make mitigating them more difficult, according to the report.
During the last three months of 2017, equipment used by organizations that subscribe to SDN Managed DDoS Protection detected an average of 9.4 DDoS attacks a day. The average for the full year was a little lower: eight attacks per day.
The largest attack of the year, which came in the fourth quarter, measured at a whopping 52.8 gigabits per second. However, a low and slow attack of less than 1 Gbps is capable of knocking most organizations offline.
“Most companies don’t have the internet capacity to warrant throwing a multi-gigabit attack at them,” McChesney said. “Malicious actors discovered long ago, it’s far more efficient and cost-effective to send lower volumes of continuous or intermittent DDoS traffic. The target will still be overwhelmed and the attack is more likely to go unnoticed by the larger carriers routing the malicious traffic.”
The amount of traffic blocked month-to-month by SDN Managed Firewall Service also is striking. Blocked traffic peaked during the spring and summer months at roughly half of all electronic traffic. During other months, blocked traffic ranged from about a fourth to a third of all traffic.
During the final quarter alone, managed firewalls blocked more than 13,180 botnet infections, about 156,500 viruses and nearly 155,000 other forms of malware.
“The sheer volume of information coming through your network is nothing to take lightly,” SDN cybersecurity experts note. “Implementing the necessary safeguards will pay off in the long run.”
Visit the Cyber Threat Landscape Report Archive for full access to all of our reports.