Distributed Denial of Service
(DDoS)
Threat Report
Q1 2017
Global Leader in DDoS Mitigation
nexusguard.com | 456 Montgomery Street, Suite 800 San Francisco, CA 94104 USA | +1 415 299 8550
Contents
1. Methodology
2. Key Observations for Q1 2017
3. Quarterly Focus: Attackers Don’t Go on Vacation During Holidays
3.1 Holidays Are No Longer Peaceful
3.2 A New Year’s Nightmare
3.3 Heavy Hits on the Day of Romance
3.4 Attack Frequency Changes
4. DDoS Activities
4.1 Types of Vectors
4.2 Quantity of Attack Vectors
4.3 Attack Duration
4.4 Attack Size Distribution
4.5 Global Attack Source Distribution
4.6 APAC Attack Source Distribution
4.7 Reflective DDoS Attacks by Autonomous System Number (ASN)
5. Conclusions
1. Methodology
As the global leader in Distributed Denial of Service (DDoS) attack mitigation, Nexusguard
observes and collects real-time data on threats facing enterprise and service-provider
networks worldwide. Data is gathered via botnet scanning, Honeypots, ISPs, and traffic
moving between attackers and their targets. The analysis conducted by Nexusguard and our
research partner, attackscape.com (https://www.attackscape.com/), identifies vulnerabilities
and measures attack trends worldwide to provide a comprehensive view of DDoS threats.
Attacks and hacking activities exert a sizeable impact on cybersecurity. Because of the
comprehensive, global nature of our data sets and observations, Nexusguard is able to
evaluate DDoS events in a manner that is not biased by any single set of customers or
industries. Many zero-day threats are first seen on our global research network. These
threats, among others, are summarized in our quarterly reports.
2. Key Observations for Q1 2017
•	 In Q1 2017, the number of DDoS attacks observed by Nexusguard registered a 380%
year-on-year growth, suggesting that DDoS attacks occurred more frequently than
the same period a year ago. It can be concluded that the impact of seasonal factors on
attack frequency has become less apparent.
•	 Uncommonly fierce attacks were observed in Q1 2017 — much more so than in preceding
quarters. An enormous 275Gbps attack took place during Valentine’s Day and a lengthy
attack spanning 4,060 minutes occurred over the Chinese New Year.
•	 The percentage of days with sizeable attacks (larger than 10Gbps) grew considerably
between January (48.39%) and March (64.29%).
•	 HTTP attack counts and total attack counts increased over Q4 2016 by 147.13% and
37.59% respectively.
3. Quarterly Focus:
Attackers Don’t Go on Vacation During Holidays
3.1 Holidays Are No Longer Peaceful
Prior to 2017, attacks were not common in the year’s first quarter. This year, however, the magnitude and frequency of
attacks reached an unprecedented level. Two attacks with the largest size and duration ever were tracked during Q1
holidays in APAC and the West.
3.2 A New Year’s Nightmare
In APAC, a lengthy attack on January 28-31, the period of Chinese New Year, lasted 2 days, 19 hours, and 40 minutes. It
was a widespread, disruptive event that left celebrants weary and exhausted upon returning to work.
3.3 Heavy Hits on the Day of Romance
In the West, an attack over Valentine’s Day (February 14-15) lasting 21 hours and 31 minutes spiked up to 275.77Gbps.
It was an unusual event in that Valentine’s Day had not been targeted previously.
As noted in our Q4 2016 report, 200+Gbps attacks have become commonplace. Such large-scale
attacks continued this quarter, but now with more frequency, longer durations, and
greater complexity, especially with the increased use of HTTP GET/POST flood to target the
application layer. Multi-vector attacks in the form of advanced persistent threats (APT) also
became more common. During Q1, attackers didn’t take a break for any holidays.
3.4 Attack Frequency Changes
Q1 2017 saw increased frequency of DDoS attacks compared with corresponding quarters in 2015 and 2016, during
which attacks were less scalable and frequent. 2017 attack counts increased by 231.12% over Q1 2015 and 379.84% over
Q1 2016. The turning point, when gigantic, continuous attacks began to wreak havoc, appears to be Q4 2016, reflecting
a ripple effect of increased Botnet activity that occurred in the year’s final quarter.
Figure 1. Attack Frequency in Q1 — 2015 through 2017
4. DDoS Activities
4.1 Types of Vectors
In Q1 2017, 21 attack vectors were identified in 16,641 attacks. HTTP Flood was the predominant type, contributing
24.36%. TCP Flag Invalid Attack took second place at 20.28%. TCP SYN Attack and UDP Attack were the third and
fourth leading vectors with 17.17% and 13.85% respectively.
Figure 2. Distribution of DDoS Attack Vectors
Attack Vector | Percentage
HTTP Flood | 24.36%
TCP Flag Invalid Attack | 20.28%
TCP SYN Attack | 17.17%
UDP Attack | 13.85%
IP Fragmentation Attack | 6.96%
HTTPS Flood | 3.71%
ICMP Attack | 3.20%
TCP RST Attack | 2.36%
DNS Amplification Attack | 1.99%
UDP Fragmentation Attack | 1.60%
DNS Attack | 1.23%
NTP Amplification Attack | 1.15%
SSDP Amplification Attack | 0.89%
IP Bogons | 0.83%
TCP Fragmentation Attack | 0.23%
SNMP Amplification Attack | 0.16%
SIP Flood | 0.01%
IP LAND Attack | 0.01%
TCP Out of state Attack | 0.01%
TCP Connection Flood | 0.01%
The total number of attacks in Q1 2017 jumped 37.59% over Q4 2016. HTTP attacks proliferated, showing an increase of
147.13% in the quarter. Application layer attacks encompassing HTTP Flood (86.77%) and HTTPS Flood (13.23%) soared
as predicted in our Q4 2016 threat report. 93.75% of the attacks were mixed with volumetric and application aspects,
whereas only 6.25% were pure application attacks. Because such attacks call for multi-layered defense mechanisms, which
are costly, targeted enterprises have yet to upgrade their DDoS attack mitigation solutions in order to protect their
online resources from the growing threat of multi-vector DDoS attacks.
Table 1. Comparison of Attacks - Q4 2016 and Q1 2017
 | Q1 2017 | Q4 2016 | Percentage of Attacks, Q1 2017 over Q4 2016
HTTP Attack Counts | 4053 | 1640 | 147.13%
Total Attack Counts | 15842 | 11514 | 37.59%
4.2 Quantity of Attack Vectors
Multi-vector attacks played the leading role in Q1 2017. 31.08% of attacks were single vector, while the rest were
multi-vector.
Figure 3. Distribution of Attack Vectors in Q1 2017
Number of attack vectors | Percentage
1 | 31.08%
2 | 29.73%
3 | 20.27%
4 | 10.81%
5 | 5.41%
6 | 1.35%
10 | 1.35%
4.3 Attack Duration
More than 48% of attacks lasted longer than 90 minutes: 22.97% were between 91 and 240 minutes, and 12.16%
between 241 and 420 minutes. 4.05% of attacks exceeded 1,400 minutes.
Figure 4. Distribution of Attack Duration
Duration (minute) | Percentage
<=90 | 51.35%
91-240 | 22.97%
241-420 | 12.16%
421-720 | 5.41%
721-1200 | 4.05%
>1440 | 4.05%
4.4 Attack Size Distribution
Of the attacks recorded in the quarter, more than 22% were sizeable (larger than 10Gbps): 20% ranging between
10Gbps - 200Gbps, and 2.67% larger than 200Gbps.
Figure 5. Distribution of Attack Sizes
Range of Attack size | Percentage
< 10G | 77.33%
>=10G and < 200G | 20.00%
>=200G | 2.67%
4.5 Global Attack Source Distribution
The US was the leading source of attacks, being the originating point of 23.75% of attacks in Q1. China and Japan
followed, with 17.83% and 15.35% respectively. Germany and France vied for a spot in the Top 5, accounting for 7.78%
and 6.69%.
Table 2. Percentage of Attack Source over Worldwide
Country | Percentage
United States | 23.75%
China | 17.83%
Japan | 15.35%
Germany | 7.78%
France | 6.69%
Netherlands | 3.90%
Russian Federation | 3.72%
United Kingdom | 2.48%
Canada | 2.37%
Romania | 2.16%
Others (Including 96 countries) | 13.96%
4.6 APAC Attack Source Distribution
In APAC, China was ranked No. 1, being the source of 44.84% of attacks in the region. Japan came in second with
38.61%. The Russian Federation and Vietnam contributed 9.36% and 1.62% respectively.
Table 3. Percentage of Attack Source among Asian Countries
Country | Percentage
China | 44.84%
Japan | 38.61%
Russian Federation | 9.36%
Vietnam | 1.62%
Singapore | 1.14%
South Korea | 1.09%
Taiwan | 0.97%
Hong Kong | 0.72%
Saudi Arabia | 0.50%
Israel | 0.27%
Others (Including 20 countries) | 0.87%
4.7 Reflective DDoS Attacks by Autonomous System Number (ASN)
AS-PNAPTOK placed first among all network ASNs with 30.58%. Second and third were PROXAD and CHINANET-
BACKBONE with 11.96% and 11.17% respectively.
Table 4. ASN Rankings with Attack Size
AS Number | Network Name | Percentage
17675 | AS-PNAPTOK | 30.58%
12322 | PROXAD | 11.96%
4134 | CHINANET-BACKBONE | 11.17%
9808 | CMNET-GD | 8.21%
23650 | CHINANET-JS-AS-AP | 7.72%
7922 | COMCAST-7922 | 7.32%
7018 | ATT-INTERNET4 | 5.96%
16276 | OVH | 5.79%
63949 | LINODE-AP | 5.66%
31400 | ACCELERATED-IT | 5.64%
5. Conclusions
DDoS attacks are no longer concentrated over predictable periods. Holiday or long weekend
— no matter, the attackers never rest. The patterns are more erratic, the techniques more
complex, and the attacks last longer and tend to target multiple vectors. During Q1 2017,
application-layer attacks like HTTP GET/POST Flood predominated, overtaking volumetric-
based attacks.
Furthermore, over the past few years, the increasing adoption of Internet of Things (IoT) has
resulted in a massive number of poorly guarded, unsecured devices. The exploitation of the
resulting vulnerabilities has fueled the rapid growth of Botnets, which in turn are supplying
attackers with myriad hijacked IP addresses, enabling them to launch more long-lasting,
sophisticated attacks.
To combat these increasingly complex DDoS attacks, which often target multiple vectors
at the same time, a multi-layered mitigation platform that leverages a large, redundant
scrubbing network with the support of a 24x7 security operations center (SOC) is much
needed.
20170526-EN-A4
About Nexusguard
Founded in 2008, Nexusguard is the global leader in fighting malicious Internet attacks. Nexusguard protects clients against
a multitude of threats, including distributed denial of service (DDoS) attacks, to ensure uninterrupted Internet service.
Nexusguard provides comprehensive, highly customized solutions for customers of all sizes, across a range of industries, and
also enables turnkey anti-DDoS solutions for service providers. Nexusguard delivers on its promise to maximize peace of mind
by minimizing threats and improving uptime. Visit www.nexusguard.com for more information.

 
Launch Your Streaming Platforms in Minutes
Launch Your Streaming Platforms in MinutesLaunch Your Streaming Platforms in Minutes
Launch Your Streaming Platforms in Minutes
 
Fundamentals of Programming and Language Processors
Fundamentals of Programming and Language ProcessorsFundamentals of Programming and Language Processors
Fundamentals of Programming and Language Processors
 
原版定制美国纽约州立大学奥尔巴尼分校毕业证学位证书原版一模一样
原版定制美国纽约州立大学奥尔巴尼分校毕业证学位证书原版一模一样原版定制美国纽约州立大学奥尔巴尼分校毕业证学位证书原版一模一样
原版定制美国纽约州立大学奥尔巴尼分校毕业证学位证书原版一模一样
 
SWEBOK and Education at FUSE Okinawa 2024
SWEBOK and Education at FUSE Okinawa 2024SWEBOK and Education at FUSE Okinawa 2024
SWEBOK and Education at FUSE Okinawa 2024
 
Orion Context Broker introduction 20240604
Orion Context Broker introduction 20240604Orion Context Broker introduction 20240604
Orion Context Broker introduction 20240604
 
Preparing Non - Technical Founders for Engaging a Tech Agency
Preparing Non - Technical Founders for Engaging  a  Tech AgencyPreparing Non - Technical Founders for Engaging  a  Tech Agency
Preparing Non - Technical Founders for Engaging a Tech Agency
 
GraphSummit Paris - The art of the possible with Graph Technology
GraphSummit Paris - The art of the possible with Graph TechnologyGraphSummit Paris - The art of the possible with Graph Technology
GraphSummit Paris - The art of the possible with Graph Technology
 
GOING AOT WITH GRAALVM FOR SPRING BOOT (SPRING IO)
GOING AOT WITH GRAALVM FOR  SPRING BOOT (SPRING IO)GOING AOT WITH GRAALVM FOR  SPRING BOOT (SPRING IO)
GOING AOT WITH GRAALVM FOR SPRING BOOT (SPRING IO)
 
LORRAINE ANDREI_LEQUIGAN_HOW TO USE WHATSAPP.pptx
LORRAINE ANDREI_LEQUIGAN_HOW TO USE WHATSAPP.pptxLORRAINE ANDREI_LEQUIGAN_HOW TO USE WHATSAPP.pptx
LORRAINE ANDREI_LEQUIGAN_HOW TO USE WHATSAPP.pptx
 
Introducing Crescat - Event Management Software for Venues, Festivals and Eve...
Introducing Crescat - Event Management Software for Venues, Festivals and Eve...Introducing Crescat - Event Management Software for Venues, Festivals and Eve...
Introducing Crescat - Event Management Software for Venues, Festivals and Eve...
 
APIs for Browser Automation (MoT Meetup 2024)
APIs for Browser Automation (MoT Meetup 2024)APIs for Browser Automation (MoT Meetup 2024)
APIs for Browser Automation (MoT Meetup 2024)
 
Mobile app Development Services | Drona Infotech
Mobile app Development Services  | Drona InfotechMobile app Development Services  | Drona Infotech
Mobile app Development Services | Drona Infotech
 
在线购买加拿大英属哥伦比亚大学毕业证本科学位证书原版一模一样
在线购买加拿大英属哥伦比亚大学毕业证本科学位证书原版一模一样在线购买加拿大英属哥伦比亚大学毕业证本科学位证书原版一模一样
在线购买加拿大英属哥伦比亚大学毕业证本科学位证书原版一模一样
 
Transform Your Communication with Cloud-Based IVR Solutions
Transform Your Communication with Cloud-Based IVR SolutionsTransform Your Communication with Cloud-Based IVR Solutions
Transform Your Communication with Cloud-Based IVR Solutions
 
Vitthal Shirke Java Microservices Resume.pdf
Vitthal Shirke Java Microservices Resume.pdfVitthal Shirke Java Microservices Resume.pdf
Vitthal Shirke Java Microservices Resume.pdf
 
AI Pilot Review: The World’s First Virtual Assistant Marketing Suite
AI Pilot Review: The World’s First Virtual Assistant Marketing SuiteAI Pilot Review: The World’s First Virtual Assistant Marketing Suite
AI Pilot Review: The World’s First Virtual Assistant Marketing Suite
 
A Study of Variable-Role-based Feature Enrichment in Neural Models of Code
A Study of Variable-Role-based Feature Enrichment in Neural Models of CodeA Study of Variable-Role-based Feature Enrichment in Neural Models of Code
A Study of Variable-Role-based Feature Enrichment in Neural Models of Code
 
Utilocate provides Smarter, Better, Faster, Safer Locate Ticket Management
Utilocate provides Smarter, Better, Faster, Safer Locate Ticket ManagementUtilocate provides Smarter, Better, Faster, Safer Locate Ticket Management
Utilocate provides Smarter, Better, Faster, Safer Locate Ticket Management
 

Nexusguard d do_s_threat_report_q1_2017_en

  • 3. 1. Methodology
    As the global leader in Distributed Denial of Service (DDoS) attack mitigation, Nexusguard observes and collects real-time data on threats facing enterprise and service-provider networks worldwide. Data is gathered via botnet scanning, Honeypots, ISPs, and traffic moving between attackers and their targets. The analysis conducted by Nexusguard and our research partner, attackscape.com (https://www.attackscape.com/), identifies vulnerabilities and measures attack trends worldwide to provide a comprehensive view of DDoS threats.
    Attacks and hacking activities exert a sizeable impact on cybersecurity. Because of the comprehensive, global nature of our data sets and observations, Nexusguard is able to evaluate DDoS events in a manner that is not biased by any single set of customers or industries. Many zero-day threats are first seen on our global research network. These threats, among others, are summarized in our quarterly reports.
  • 4. 2. Key Observations for Q1 2017
    • In Q1 2017, the number of DDoS attacks observed by Nexusguard registered a 380% year-on-year growth, suggesting that DDoS attacks occurred more frequently than the same period a year ago. It can be concluded that the impact of seasonal factors on attack frequency has become less apparent.
    • Uncommonly fierce attacks were observed in Q1 2017 — much more so than in preceding quarters. An enormous 275Gbps attack took place during Valentine’s Day and a lengthy attack spanning 4,060 minutes occurred over the Chinese New Year.
    • The percentage of days with sizeable attacks (larger than 10Gbps) grew considerably between January (48.39%) and March (64.29%).
    • HTTP attack counts and total attack counts increased over Q4 2016 by 147.13% and 37.59% respectively.
  • 5. 3. Quarterly Focus: Attackers Don’t Go on Vacation During Holidays
    3.1 Holidays Are No Longer Peaceful
    Prior to 2017, attacks were not common in the year’s first quarter. This year, however, the magnitude and frequency of attacks reached an unprecedented level. Two attacks with the largest size and duration ever were tracked during Q1 holidays in APAC and the West.
    3.2 A New Years Nightmare
    In APAC, a lengthy attack January 28-31, the period of Chinese New Year, lasted 2 days, 19 hours, and 40 minutes. It was a widespread, disruptive event that left celebrants weary and exhausted upon returning to work.
    3.3 Heavy Hits on the Day of Romance
    In the West, an attack over Valentine’s Day (February 14-15) lasting 21 hours and 31 minutes spiked up to 275.77Gbps. It was an unusual event in that Valentine’s Day had not been targeted previously.
    As noted in our Q4 2016 report, 200+Gbps attacks have become commonplace. Such large-scale attacks continued this quarter, but now with more frequency, longer durations, and greater complexity, especially with the increased use of HTTP GET/POST flood to target the application layer. Multi-vector attacks in the form of advanced persistent threats (APT) also became more common. During Q1, attackers didn’t take a break for any holidays.
  • 6. 3.4 Attack Frequency Changes
    Q1 2017 saw increased frequency of DDoS attacks compared with corresponding quarters in 2015 and 2016, during which attacks were less scalable and frequent. 2017 attack counts increased by 231.12% over Q1 2015 and 379.84% over Q1 2016. The turning point, when gigantic, continuous attacks began to wreak havoc, appears to be Q4 2016, reflecting a ripple effect of increased Botnet activity that occurred in the year’s final quarter.
    Figure 1. Attack Frequency in Q1 — 2015 through 2017
  • 7. 4. DDoS Activities
    4.1 Types of Vectors
    In Q1 2017, 21 attack vectors were identified in 16,641 attacks. HTTP Flood was the predominant type, contributing 24.36%. TCP Flag Invalid Attack took second place at 20.28%. TCP SYN Attack and UDP Attack were the third and fourth leading vectors with 17.17% and 13.85% respectively.
    Figure 2. Distribution of DDoS Attack Vectors
      HTTP Flood: 24.36%
      TCP Flag Invalid Attack: 20.28%
      TCP SYN Attack: 17.17%
      UDP Attack: 13.85%
      IP Fragmentation Attack: 6.96%
      HTTPS Flood: 3.71%
      ICMP Attack: 3.20%
      TCP RST Attack: 2.36%
      DNS Amplification Attack: 1.99%
      UDP Fragmentation Attack: 1.60%
      DNS Attack: 1.23%
      NTP Amplification Attack: 1.15%
      SSDP Amplification Attack: 0.89%
      IP Bogons: 0.83%
      TCP Fragmentation Attack: 0.23%
      SNMP Amplification Attack: 0.16%
      SIP Flood: 0.01%
      IP LAND Attack: 0.01%
      TCP Out of state Attack: 0.01%
      TCP Connection Flood: 0.01%
    The total number of attacks in Q1 2017 jumped 37.59% over Q4 2016. HTTP attacks proliferated, showing an increase of 147.13% in the quarter. Application layer attacks encompassing HTTP Flood (86.77%) and HTTPS Flood (13.23%) soared as predicted in our Q4 2016 threat report. 93.75% of the attacks were mixed with volumetric and application aspects, whereas only 6.25% were pure application attacks. These attacks call for multi-layered defense mechanisms, which are costly; as a result, target enterprises have yet to upgrade their DDoS attack mitigation solutions in order to protect their online resources from the growing threat of multi-vector DDoS attacks.
    Table 1. Comparison of Attacks - Q4 2016 and Q1 2017
      HTTP Attack Counts: 1640 (Q4 2016), 4053 (Q1 2017), 147.13% (Q1 2017 over Q4 2016)
      Total Attack Counts: 11514 (Q4 2016), 15842 (Q1 2017), 37.59% (Q1 2017 over Q4 2016)
  • 8. 4.2 Quantity of Attack Vectors
    Multi-vector attacks played the leading role in Q1 2017. 31.08% of attacks were single vector, while the rest were multi-vector.
    Figure 3. Distribution of Attack Vectors in Q1 2017 (number of attack vectors: percentage of attacks)
      1: 31.08%
      2: 29.73%
      3: 20.27%
      4: 10.81%
      5: 5.41%
      6: 1.35%
      10: 1.35%
    4.3 Attack Duration
    More than 48% of attacks lasted longer than 90 minutes: 22.97% were between 91 and 240 minutes, and 12.16% between 241 and 420 minutes. 4.05% of attacks exceeded 1,400 minutes.
    Figure 4. Distribution of Attack Duration (duration in minutes: percentage of attacks)
      <=90: 51.35%
      91-240: 22.97%
      241-420: 12.16%
      421-720: 5.41%
      721-1200: 4.05%
      >1440: 4.05%
  • 9. 4.4 Attack Size Distribution
    Of the attacks recorded in the quarter, more than 22% were sizeable (larger than 10Gbps): 20% ranging between 10Gbps - 200Gbps, and 2.67% larger than 200Gbps.
    Figure 5. Distribution of Attack Sizes (range of attack size: percentage of attacks)
      < 10G: 77.33%
      >=10G and < 200G: 20.00%
      >=200G: 2.67%
    4.5 Global Attack Source Distribution
    The US was the leading source of attacks, being the originating point of 23.75% of attacks in Q1. China and Japan followed, with 17.83% and 15.35% respectively. Germany and France vied for a spot in the Top 5, accounting for 7.78% and 6.69%.
    Table 2. Percentage of Attack Source over Worldwide (country: percentage)
      United States: 23.75%
      China: 17.83%
      Japan: 15.35%
      Germany: 7.78%
      France: 6.69%
      Netherlands: 3.90%
      Russian Federation: 3.72%
      United Kingdom: 2.48%
      Canada: 2.37%
      Romania: 2.16%
      Others (Including 96 countries): 13.96%
  • 10. 4.6 APAC Attack Source Distribution
    In APAC, China was ranked No. 1, being the source of 44.84% of attacks in the region. Japan came in second with 38.61%. The Russian Federation and Vietnam contributed 9.36% and 1.62% respectively.
    Table 3. Percentage of Attack Source among Asian Countries (country: percentage)
      China: 44.84%
      Japan: 38.61%
      Russian Federation: 9.36%
      Vietnam: 1.62%
      Singapore: 1.14%
      South Korea: 1.09%
      Taiwan: 0.97%
      Hong Kong: 0.72%
      Saudi Arabia: 0.50%
      Israel: 0.27%
      Others (Including 20 countries): 0.87%
  • 11. 4.7 Reflective DDoS Attacks by Autonomous System Number (ASN)
    AS-PNAPTOK placed first among all network ASNs with 30.58%. Second and third were PROXAD and CHINANET-BACKBONE with 11.96% and 11.17% respectively.
    Table 4. ASN Rankings with Attack Size (AS number, network name: percentage)
      17675, AS-PNAPTOK: 30.58%
      12322, PROXAD: 11.96%
      4134, CHINANET-BACKBONE: 11.17%
      9808, CMNET-GD: 8.21%
      23650, CHINANET-JS-AS-AP: 7.72%
      7922, COMCAST-7922: 7.32%
      7018, ATT-INTERNET4: 5.96%
      16276, OVH: 5.79%
      63949, LINODE-AP: 5.66%
      31400, ACCELERATED-IT: 5.64%
  • 12. 5. Conclusions
    DDoS attacks are no longer concentrated over predictable periods. Holiday or long weekend — no matter, the attackers never rest. The patterns are more erratic, the techniques more complex, and the attacks last longer and tend to target multiple vectors. During Q1 2017, application-layer attacks like HTTP GET/POST Flood predominated, overtaking volumetric-based attacks.
    Furthermore, over the past few years, the increasing adoption of Internet of Things (IoT) has resulted in a massive number of poorly guarded, unsecured devices. The exploitation of the resulting vulnerabilities has fueled the rapid growth of Botnets, which in turn are supplying attackers with myriad hijacked IP addresses, enabling them to launch more long-lasting, sophisticated attacks.
    To combat these increasingly complex DDoS attacks, which often target multiple vectors at the same time, a multi-layered mitigation platform that leverages a large, redundant scrubbing network with the support of a 24x7 security operations center (SOC) is much needed.
  • 13. Global Leader in DDoS Mitigation
    nexusguard.com
    456 Montgomery Street, Suite 800 San Francisco, CA 94104 USA | +1 415 299 8550
    20170526-EN-A4
    About Nexusguard
    Founded in 2008, Nexusguard is the global leader in fighting malicious Internet attacks. Nexusguard protects clients against a multitude of threats, including distributed denial of service (DDoS) attacks, to ensure uninterrupted Internet service. Nexusguard provides comprehensive, highly customized solutions for customers of all sizes, across a range of industries, and also enables turnkey anti-DDoS solutions for service providers. Nexusguard delivers on its promise to maximize peace of mind by minimizing threats and improving uptime. Visit www.nexusguard.com for more information.