COPYRIGHT © 2018 NETSCOUT SYSTEMS, INC.
NETSCOUT Threat Intelligence Report
Powered by ATLAS
Findings from First Half 2018
Richard Hummel, Manager Intelligence
Hardik Modi, Sr Director Threat Intelligence
Agenda
• Introducing NETSCOUT Threat Intelligence
• Key Findings
• Conclusion
• What is the NETSCOUT Threat Intelligence Report
NETSCOUT Threat Intelligence
ATLAS: Advanced Threat Level Analysis System
Arbor’s collective threat and traffic data depository that includes traffic stats from over one third of the Internet. Arbor’s unique correlation and analytics make it smart data.
ASERT: ATLAS Security Engineering & Response Team
NETSCOUT’s elite threat research organization that analyzes and curates ATLAS data to provide human and machine readable actionable intelligence to Arbor customers.
Threat Intelligence Mission
• Differentiation for NETSCOUT’s products and services
• Tactical and strategic intelligence for NETSCOUT’s customer base
• NETSCOUT’s thought leadership in security space
ATLAS Quick Facts
The New NETSCOUT Threat Intelligence Report
WHAT: Summary of 1H 2018 global DDoS attack data from ATLAS and threat campaign activity tracked by the ASERT research team. These two entities comprise NETSCOUT Threat Intelligence.
WHY: Consolidated view of threat landscape and perspective of the team.
WHEN: Live on August 7th via press, printed at Black Hat
The New NETSCOUT Threat Intelligence Report
WHY:
• Extend credibility for NETSCOUT in the security space
• Demonstrate breadth of visibility and research through ATLAS and ASERT
• Prove coverage provided through AIF in NETSCOUT and Arbor products
Key Findings
An Accelerating Internet Scale Threat Paradigm
• DDoS tactics being used for internal intrusions. Crimeware and espionage adding Internet Scale techniques (worms, botnets for mass malware distribution)
• Big jump in frequency of very large DDoS attacks since Memcached.
• Countries and verticals can be highly targeted.
• More nation states adding APT to their statecraft.
DDoS attacks enter the terabit era
In Feb 2018, Memcached
vulnerabilities drove the largest
DDoS attacks seen to date
Vulnerable systems remain
available on the Internet
continuing to drive large attacks
DDoS attack volume up, frequency down
APT groups expand beyond traditional arenas
"Add cyber-attacks to their toolkit"
• Campaigns and frameworks are discovered for a
broad tier of nations
OilRig (Iran), Fancy Bear (Russia), Hidden Cobra (North Korea), Ocean Lotus (Vietnam), Donot Team
Crimeware actors diversify attack methods
Emotet, Trickbot, Kardon Loader, Panda Banker
• Inspired by large-scale attacks in 2017, many
known crimeware families have included auto-
propagation (worm) techniques
– Emotet
– Trickbot
– IcedID
• There’s an increased focus on cryptocurrency
mining
• New platforms/affiliate programs like Kardon
Loader continue to emerge
• Banking trojans continually expand to new
regions, e.g. Panda Banker in Japan
New DDoS vectors & tools are rapidly leveraged ...
• Memcached attacks went
from non-existent to
record-breaking in days
• Botnets like Mirai
incorporate new router
exploits routinely
… While old ones get new life
"SSDP"
• Simple Service Discovery Protocol (SSDP), in
use since 2015, re-emerged in 2018 as a "new"
method.
• NETSCOUT Threat Intelligence demonstrated the
use of SSDP in 2015, proving this was not a new
vector.
• However, we uncovered a new class of SSDP
abuse where vulnerable systems will respond to
SSDP on non-standard ports, resulting in a flood
of UDP packets with ephemeral source and
destination ports.
• Mitigation then becomes more difficult.
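Why a port-based rule falls short for the non-standard-port SSDP floods described above, shown as an added example that is not part of the NETSCOUT slides or report: the code classifies UDP datagrams by payload and measures how many SSDP replies a "source port 1900" filter would miss. The record layout, the header-based signature (`USN` plus `ST` or `NT`) and all sample packets are assumptions constructed for illustration.

```python
from collections import Counter

SSDP_PORT = 1900  # standard SSDP/UPnP discovery port


def parse_ssdp(payload: bytes):
    """Return the header dict if the payload looks like an SSDP message, else None.

    SSDP is HTTP-over-UDP: search replies start with an HTTP 200 status line and
    carry ST + USN headers; announcements start with NOTIFY and carry NT + USN.
    """
    try:
        text = payload.decode("ascii")
    except UnicodeDecodeError:
        return None  # binary protocols (DNS, NTP, ...) are not SSDP
    lines = text.split("\r\n")
    start = lines[0].upper()
    if not (start.startswith("HTTP/1.1 200") or start.startswith("NOTIFY * HTTP/1.1")):
        return None
    headers = {}
    for line in lines[1:]:
        if not line:
            break  # blank line ends the header section
        name, sep, value = line.partition(":")
        if not sep:
            continue  # tolerate a truncated or malformed header line
        headers[name.strip().upper()] = value.strip()
    if "USN" in headers and ("ST" in headers or "NT" in headers):
        return headers
    return None


def classify(records):
    """Count datagrams by whether a source-port rule would have caught them.

    records: iterable of (src_ip, src_port, dst_port, payload) tuples
    (hypothetical layout, e.g. produced from a packet capture).
    """
    counts = Counter()
    for _src_ip, src_port, _dst_port, payload in records:
        if parse_ssdp(payload) is None:
            counts["other"] += 1
        elif src_port == SSDP_PORT:
            counts["ssdp_port_1900"] += 1
        else:
            counts["ssdp_nonstandard_port"] += 1
    return counts


def port_filter_miss_rate(records):
    """Fraction of SSDP-payload datagrams that a 'src port 1900' filter misses."""
    counts = classify(records)
    total = counts["ssdp_port_1900"] + counts["ssdp_nonstandard_port"]
    return counts["ssdp_nonstandard_port"] / total if total else 0.0


# Constructed sample traffic (documentation address ranges, made-up device data).
SSDP_REPLY = (
    b"HTTP/1.1 200 OK\r\n"
    b"CACHE-CONTROL: max-age=120\r\n"
    b"ST: upnp:rootdevice\r\n"
    b"USN: uuid:00000000-0000-0000-0000-000000000000::upnp:rootdevice\r\n"
    b"EXT:\r\n"
    b"SERVER: constructed/1.0 UPnP/1.0\r\n"
    b"LOCATION: http://192.0.2.1:80/desc.xml\r\n\r\n"
)
DNS_LIKE = b"\x12\x34\x81\x80\x00\x01\x00\x01\x00\x00\x00\x00"
PLAIN_HTTP = b"HTTP/1.1 200 OK\r\nContent-Type: text/plain\r\n\r\nhi"

SAMPLE = [
    ("198.51.100.10", 1900, 41234, SSDP_REPLY),   # classic reflection reply
    ("198.51.100.11", 32768, 51712, SSDP_REPLY),  # reply from an ephemeral port
    ("198.51.100.12", 49152, 23011, SSDP_REPLY),  # reply from an ephemeral port
    ("198.51.100.13", 53, 40000, DNS_LIKE),       # unrelated binary UDP
    ("198.51.100.14", 5000, 6000, PLAIN_HTTP),    # HTTP-like but no SSDP headers
]

if __name__ == "__main__":
    print(dict(classify(SAMPLE)))
    print(f"missed by port-1900 filter: {port_filter_miss_rate(SAMPLE):.0%}")
```
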
Mirai Variants Emerge
• Mirai was first used to launch high-profile,
high-impact DDoS attacks in 2016
• Subsequently, source code was published
• This has spawned a series of generations that
introduce new functionality
• ‘Satori’ leveraged remote code injection
exploits for propagation
• OMG introduced HTTP/SOCKS proxy
• IoTrojan leveraged new router exploits
"IoT Threats Rapidly Expand"
APT campaigns can involve internet-scale footprints
"Internet-scale & Supply Chain"
• ‘Internet Scale’ factors in their approach too –
NotPetya, WannaCry, BadRabbit are a few
examples
• Supply chain attacks are being seen more
frequently (CCleaner)
• Absolute Lojack recovery software for laptops is a
representative finding
• HiddenCobra (North Korea) uses DeltaCharlie
malware to launch DDoS attacks from botnets.
Top Targeted Verticals
• Telecommunication
Providers observe the
overwhelming majority
of attacks – inherent to
their role
• Shifts in popular targets
relative to 2017
• ‘International Affairs’ in
7th spot
• Represents first vertical
analysis conducted on
ATLAS data
Conclusion
Global threats will require new global
interventions
Threat Intelligence is key to informing
strategic direction for threat defense
Conclusion
Available at https://www.netscout.com/threatreport
Next iteration is planned for January 2019
Thank you
Questions?

ControlCase
 

Recently uploaded (20)

DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
 
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
 

NETSCOUT Threat Intelligence Report: Findings Summary 1st half of 2018

  • 1. COPYRIGHT © 2018 NETSCOUT SYSTEMS, INC. 1 NETSCOUT Threat Intelligence Report Powered by ATLAS Findings from First Half 2018 Richard Hummel Manager Intelligence Hardik Modi Sr Director Threat Intelligence
  • 2. Agenda • Introducing NETSCOUT Threat Intelligence • Key Findings • Conclusion • What is the NETSCOUT Threat Intelligence Report
  • 3. NETSCOUT Threat Intelligence • ATLAS (Advanced Threat Level Analysis System): Arbor’s collective threat and traffic data depository that includes traffic stats from over one third of the Internet. Arbor’s unique correlation and analytics make it smart data. • ASERT (ATLAS Security Engineering & Response Team): NETSCOUT’s elite threat research organization that analyzes and curates ATLAS data to provide human and machine readable actionable intelligence to Arbor customers.
  • 4. Threat Intelligence Mission • Differentiation for NETSCOUT’s products and services • Tactical and strategic intelligence for NETSCOUT’s customer base • NETSCOUT’s thought leadership in security space
  • 5. ATLAS Quick Facts
  • 6. The New NETSCOUT Threat Intelligence Report WHAT: Summary of 1H 2018 Global DDoS attack data from ATLAS and threat campaign activity tracked by the ASERT research team. These two entities comprise NETSCOUT Threat Intelligence. WHY: Consolidated view of threat landscape and perspective of the team. WHEN: Live on August 7th via press, printed at Black Hat.
  • 7. The New NETSCOUT Threat Intelligence Report WHY: • Extend credibility for NETSCOUT in the security space • Demonstrate breadth of visibility and research through ATLAS and ASERT • Prove coverage provided through AIF in NETSCOUT and Arbor products
  • 8. Key Findings: An Accelerating Internet Scale Threat Paradigm • DDoS tactics being used for internal intrusions. Crimeware and espionage adding Internet Scale techniques (worms, botnets for mass malware distribution). • Big jump in frequency of very large DDoS attacks since Memcached. • Countries and verticals can be highly targeted. • More nation states adding APT to their statecraft.
  • 9. DDoS attacks enter the terabit era • In Feb 2018, Memcached vulnerabilities drove the largest DDoS attacks seen to date. • Vulnerable systems remain available on the Internet, continuing to drive large attacks.
  • 10. DDoS attack volume up, frequency down
  • 11. APT groups expand beyond traditional arenas "Add cyber-attacks to their toolkit" • Campaigns and frameworks are discovered for a broad tier of nations: OilRig (Iran), Fancy Bear (Russia), Hidden Cobra (North Korea), Ocean Lotus (Vietnam), Donot Team
  • 12. Crimeware actors diversify attack methods (Emotet, Trickbot, Kardon Loader, Panda Banker) • Inspired by large-scale attacks in 2017, many known crimeware families have included auto-propagation (worm) techniques – Emotet – Trickbot – IcedID • There’s an increased focus on cryptocurrency mining • New platforms/affiliate programs like Kardon Loader continue to emerge • Banking trojans continually expand to new regions, e.g. Panda Banker in Japan
  • 13. New DDoS vectors & tools are rapidly leveraged ... • Memcached attacks went from non-existent to record-breaking in days • Botnets like Mirai incorporate new router exploits routinely
  • 14. … While old ones get new life "SSDP" • Simple Service Discovery Protocol (SSDP), in use since 2015, re-emerged in 2018 as a "new" method. • NETSCOUT Threat Intelligence demonstrated the use of SSDP in 2015, proving this was not a new vector. • However, we uncovered a new class of SSDP abuse where vulnerable systems will respond to SSDP on non-standard ports, resulting in a flood of UDP packets with ephemeral source and destination ports. • Mitigation then becomes more difficult.
  • 15. Mirai Variants Emerge "IoT Threats Rapidly Expand" • Mirai was first used to launch high-profile, high-impact DDoS attacks in 2016 • Subsequently, source code was published • This has spawned a series of generations that introduce new functionality • ‘Satori’ leveraged remote code injection exploits for propagation • OMG introduced HTTP/SOCKS proxy • IoTrojan leveraged new router exploits
  • 16. APT campaigns can involve internet-scale footprints "Internet-scale & Supply Chain" • ‘Internet Scale’ factors in their approach too – NotPetya, WannaCry, BadRabbit are a few examples • Supply chain attacks are being seen more frequently (CCleaner) • Absolute Lojack recovery software for laptops is a representative finding • HiddenCobra (North Korea) uses DeltaCharlie malware to launch DDoS attacks from botnets.
  • 17. Top Targeted Verticals • Telecommunication Providers observe the overwhelming majority of attacks – inherent to their role • Shifts in popular targets relative to 2017 • ‘International Affairs’ in 7th spot • Represents first vertical analysis conducted on ATLAS data
  • 18. Conclusion • Global threats will require new global interventions • Threat Intelligence is key to informing strategic direction for threat defense
  • 19. Conclusion • Available at https://www.netscout.com/threatreport • Next iteration is planned for January 2019
  • 20. Thank you. Questions?
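
Slide 14 notes that SSDP replies arriving from non-standard ports make mitigation harder. The sketch below is an added example, not part of the NETSCOUT deck: it compares a filter keyed on source port 1900 with one keyed on the SSDP reply payload, over constructed sample datagrams. The function names and sample records are assumptions made for illustration.

```python
import re

# Constructed sample datagrams: (src_ip, src_port, dst_port, payload).
# Addresses come from documentation ranges; this is not captured traffic.
SSDP_REPLY = (b"HTTP/1.1 200 OK\r\nCACHE-CONTROL: max-age=1800\r\n"
              b"ST: upnp:rootdevice\r\n"
              b"USN: uuid:00000000-0000-0000-0000-000000000000::upnp:rootdevice\r\n"
              b"LOCATION: http://192.0.2.10:49152/desc.xml\r\n\r\n")
SAMPLES = [
    ("192.0.2.10", 1900, 40211, SSDP_REPLY),     # classic reply from port 1900
    ("192.0.2.11", 51544, 33807, SSDP_REPLY),    # reply from an ephemeral port
    ("192.0.2.12", 32768, 61002, SSDP_REPLY),    # reply from an ephemeral port
    ("198.51.100.7", 53, 40211, b"\x12\x34\x81\x80\x00\x01"),  # unrelated UDP
    ("198.51.100.8", 44321, 8080,
     b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n"),   # HTTP-like, not SSDP
]

STATUS = re.compile(rb"^HTTP/1\.1 200 OK\r\n")
HEADER = re.compile(rb"^(ST|USN):", re.IGNORECASE | re.MULTILINE)


def is_ssdp_reply(payload):
    """True if the payload looks like an SSDP search response:
    an HTTP 200 status line plus both ST and USN headers."""
    if not STATUS.match(payload):
        return False
    names = {m.group(1).upper() for m in HEADER.finditer(payload)}
    return {b"ST", b"USN"} <= names


def port_filter(records):
    """Records a rule keyed only on UDP source port 1900 would match."""
    return [r for r in records if r[1] == 1900]


def payload_filter(records):
    """Records matched on payload content, whatever the ports are."""
    return [r for r in records if is_ssdp_reply(r[3])]


def missed_by_port_filter(records):
    """SSDP replies that a source-port-1900 rule would let through."""
    return [(ip, sport) for ip, sport, _, payload in records
            if is_ssdp_reply(payload) and sport != 1900]


if __name__ == "__main__":
    print("port rule matches:   ", len(port_filter(SAMPLES)))
    print("payload rule matches:", len(payload_filter(SAMPLES)))
    print("missed by port rule: ", missed_by_port_filter(SAMPLES))
```

Payload matching needs visibility into packet contents, so it fits inline mitigation or packet capture rather than flow records alone.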