IP Products

Emerging threats

by Mark Rowe

The StealthWatch Labs Intelligence Center (SLIC) – Lancope’s research initiative which tracks emerging threat information, has claimed that 30 per cent the world’s active botnet command and control servers are actually based in the United States. This is three times higher than the second and third most active countries – China (9pc) and Russia (8pc) respectively. Yet, when it comes to Internet scanning for victims to target with brute force attacks or exploit their activity, it is China (44pc) that is the most active followed by Japan (7pc), USA (6pc) and South Korea (5pc). When looking at Backscatter activity (Victims of DDOS attacks), again it is the US that tops the list at 23pc followed by Taiwan (17pc), Japan (10pc) and South Korea (8pc).

Of all the European countries, it is only Germany that features at the top of these lists, in fifth place for both botnet command and Backscatter (6pc and 5pc respectively). The UK’s only appearance in the top ten list is for botnet command and control in sixth place at 4pc. The reason the US and the other countries feature so highly is to be expected as threats often originate from inside large legitimate networks as a result of systems that have been compromised. Under the remote control of botnet operators or other nefarious external parties, these internal systems spread infections, steal data and wreak havoc on enterprise resources.

Speaking about these trends Amrit Williams, Lancope’s CTO, said, “Criminals are actively using legitimate IT resources to ply their trade worldwide. In addition, state sponsored computer network intrusion is an increasing trend that demands attention. The reality is any organisation’s expensive IT infrastructure is at risk of being recruited and used as a botnet, users email addresses abused by Backscatter (DDoS) attacks or their ports scanned. Organisations need not only to be aware of what is knocking at their gateway, but also what is happening within their walls. Instead of perimeter-centric network security to keep the bad guys out, organisations need to realise that they are already – or will be – compromised by increasingly hostile threats. Internal visibility and security context is the key to preventing cyber-attacks from taking over networks, helping to keep not just themselves but everyone safer.”

Amrit Williams, Lancope’s CTO, will be speaking at a seminar titled ‘Targeting the Kill Chain: A multifaceted approach to defence in depth’ in the Technical Theatre on Wednesday 24 April at Infosecurity Europe at 12.40pm.

To find out more about Lancope, and its solutions, products and services visit stand K50 or www.Lancope.com .

Related News

  • IP Products

    Fisheye camera dewarping

    by Mark Rowe

    Eagle Eye Networks, the cloud video surveillance firm, has released its cloud-client fisheye camera dewarping solution. Eagle Eye Cloud VMS customers can…

  • IP Products

    Cloud NVR team

    by Mark Rowe

    AD Network Video has made two new appointments. Jamie Horastead is joining AD as a new business development consultant from Xerox, where…

  • IP Products

    MPTL cable certifier

    by Mark Rowe

    IDEAL Networks is offering a software update for its LanTEK III cable certifier. It’s for installers to certify cabling that has Modular…

Newsletter

Subscribe to our weekly newsletter to stay on top of security news and events.

© 2024 Professional Security Magazine. All rights reserved.

Website by MSEC Marketing