The Emerging Cyberthreat Review with Nominum Data Science comes from the front lines of the war against cybercrime, analyzing the most prevalent and effective malware in today’s threat landscape – including DDoS, DNS amplification and pseudo random subdomain (PRSD) attacks.
Key Findings
1. Unprecedented IoT Attacks: Huge uptick since code release < 1 month
2. Millions of new domains daily: Five million new domains queried every day (most are malicious)
3. Top Malware Threats
   - Overall – Necurs & Locky
   - Mobile – Ghost Push
   - IoT – Mirai
4. DNS DDoS returns: “PRSD” attacks resumed, targeting popular domains
Threat Tracker
- 3X growth in queries and domains
- 82 million malicious queries daily (by end of Aug)
- 94,000 domains added daily to block list
New Domains in Six-Month Period
- Less than one query: 74%
- More than one query: 26%
- Domain counts shown in the chart: 349.7 million and 124.7 million
Some Recommendations
- Invest in resilient DNS & monitor DNS carefully
- Partner with at least one secondary hosted authoritative DNS provider
- Don’t let a device you control go online without a secure password
- Prioritize identification & remediation of top threats (Necurs, Locky, Ghost Push)
- Invest in tools for rapidly identifying & stopping attacks from inside the network
- Make IoT security a priority!
Editor's Notes
Yuriy
Here are Nominum’s key findings based on our unique vantage point over the security landscape
1. IoT threats went mainstream
   - Well into the millions of devices now in the hands of criminals
   - Dyn attacks
   - No way to remove the malware
2. Threat landscape increasingly dynamic
   - 5m new domains queried daily – mostly DGA
3. Top threats
   - Traditional – Necurs / Locky
   - Mobile – Ghost Push
4. PRSD attacks are back