IP Products

Emerging threats

by Mark Rowe

The StealthWatch Labs Intelligence Center (SLIC) – Lancope’s research initiative which tracks emerging threat information, has claimed that 30 per cent the world’s active botnet command and control servers are actually based in the United States. This is three times higher than the second and third most active countries – China (9pc) and Russia (8pc) respectively. Yet, when it comes to Internet scanning for victims to target with brute force attacks or exploit their activity, it is China (44pc) that is the most active followed by Japan (7pc), USA (6pc) and South Korea (5pc). When looking at Backscatter activity (Victims of DDOS attacks), again it is the US that tops the list at 23pc followed by Taiwan (17pc), Japan (10pc) and South Korea (8pc).

Of all the European countries, it is only Germany that features at the top of these lists, in fifth place for both botnet command and Backscatter (6pc and 5pc respectively). The UK’s only appearance in the top ten list is for botnet command and control in sixth place at 4pc. The reason the US and the other countries feature so highly is to be expected as threats often originate from inside large legitimate networks as a result of systems that have been compromised. Under the remote control of botnet operators or other nefarious external parties, these internal systems spread infections, steal data and wreak havoc on enterprise resources.

Speaking about these trends Amrit Williams, Lancope’s CTO, said, “Criminals are actively using legitimate IT resources to ply their trade worldwide. In addition, state sponsored computer network intrusion is an increasing trend that demands attention. The reality is any organisation’s expensive IT infrastructure is at risk of being recruited and used as a botnet, users email addresses abused by Backscatter (DDoS) attacks or their ports scanned. Organisations need not only to be aware of what is knocking at their gateway, but also what is happening within their walls. Instead of perimeter-centric network security to keep the bad guys out, organisations need to realise that they are already – or will be – compromised by increasingly hostile threats. Internal visibility and security context is the key to preventing cyber-attacks from taking over networks, helping to keep not just themselves but everyone safer.”

Amrit Williams, Lancope’s CTO, will be speaking at a seminar titled ‘Targeting the Kill Chain: A multifaceted approach to defence in depth’ in the Technical Theatre on Wednesday 24 April at Infosecurity Europe at 12.40pm.

To find out more about Lancope, and its solutions, products and services visit stand K50 or www.Lancope.com .

Related News

  • IP Products

    Network node

    by Mark Rowe

    New from S2 Security, a US firm offering IP-based, integrated access control, video management and mobile security management systems, is the S2…

  • IP Products

    Regional sales

    by Mark Rowe

    Milestone Systems, the Danish IP video management software (VMS) company, announced Christian Ringler, pictured, as the new Regional Sales Director for the…

Newsletter

Subscribe to our weekly newsletter to stay on top of security news and events.

© 2024 Professional Security Magazine. All rights reserved.

Website by MSEC Marketing