NETSCOUT SYSTEMS, a leading provider of service assurance, security, and business analytics, today released the findings of its Threat Intelligence Report for the second half of 2019, which also incorporates insights from its 15th Annual Worldwide Infrastructure Security Report™ (WISR™) survey. The report underscores the proliferation of risks faced by global enterprises and service providers. These organizations must now not only defend IT infrastructures, but also manage risks caused by increased Distributed Denial of Service (DDoS) attacks on customer-facing services and applications, mobile networks, and unsecured IoT devices.
“We’ve uncovered some disturbing statistics,” stated Hardik Modi, AVP, engineering, threat and mitigation products, NETSCOUT. “By weaponizing new attack vectors, leveraging mobile hotspots, and targeting compromised endpoint IoT devices, attackers are increasingly finding ways to infiltrate our internet-connected world. They are getting more sophisticated by using a minuscule portion of the available vulnerable devices to carry out a successful attack. The largest OpenVPN DDoS attack we observed used less than one percent of the available reflectors connected to the internet. Botmasters are waiting in the wings, since the risk will only increase in 2020 when an estimated 20.4 billion more devices are connected to the internet.”
NETSCOUT’s Threat Intelligence Report analyzes the global threat landscape, including DDoS campaigns, advanced persistent threat (APT) groups, IoT vulnerabilities, and crimeware. This report also includes findings from the WISR, an annual global survey of network, security, and IT decision-makers across enterprise and service provider organizations.
Key findings from the Threat Intelligence Report and WISR include:
- Attackers weaponized seven new UDP reflection/amplification vectors and combined variations of existing well-known attack vectors to launch pinpoint-focused DDoS attacks.
- Carpet-bombing tactics increased vertical sector attack activity; satellite telecommunications witnessed a 295% increase in attacks.
- Adversaries discovered how to use advanced reconnaissance to target client services at well-protected targets like ISPs and financial institutions to amplify attacks against specific enterprises and network operators.
- Wireless communications companies experienced a 64% increase in DDoS attack frequency from 2H 2018 to 2H 2019, mainly due to the increased tendency of gamers to use their phone services as wireless hotspots, as well as the popularity of gaming on mobile devices with 4G or LTE connectivity.
- Mirai-based variants dominated the second half of 2019 with a 57% increase targeting 17 system architectures; ASERT honeypots reflect this growth with an 87% increase in the number of exploit attempts.
- Service provider respondents to the WISR reported a 52% increase in DDoS attacks on publicly exposed service infrastructures compared to 38% the previous year.
The analysts and engineers of NETSCOUT’s ATLAS Security Engineering and Response Team (ASERT) leverage Active Level Threat Analysis System (ATLAS™) data–in conjunction with original research and infrastructure such as automated malware analysis pipelines, sinkholes, scanners, and honeypots–to provide unparalleled visibility and insights into the growing threat landscape.
To download NETSCOUT’s semi-annual Threat Intelligence Report, please click here.