Tag Archives: DDoS

“EMEA now top source of phishing attacks worldwide” suggests NTT Security’s Global Threat Intelligence Report

Over half (53%) of the world’s most recent phishing attacks have originated in the EMEA region, according to the 2017 Global Threat Intelligence Report (GTIR) published by NTT Security, the specialist security business within the NTT Group.

Analysing global threat trends from 1 October 2015–31 September 2016, the report also shows that, of all phishing attacks worldwide, 38% came from the Netherlands, second only to the US (41%). The data highlights that 73% of all malware globally was delivered to its victims because of a phishing attack.

According to the GTIR, which highlights the latest ransomware, phishing and DDoS attack trends and the impact of these threats against organisations, the UK was the third most common source of attacks against the EMEA behind the US (26%) and France (11%).

In terms of top attack source countries globally, the UK was second only to the US (63%) accounting for 4% of all attacks, just behind China on 3%.

CyberThreatIntelligence

The report reveals some of the biggest regional differences related to brute force attacks, which are commonly used to crack passwords. Of all brute force attacks globally, 45% started in the EMEA, which is more than the Americas (20%) and Asia (7%) combined. In addition, 45% of brute force attacks that deliberately targeted EMEA customers also started in the region.

“While phishing attacks affected organisations everywhere, the EMEA has emerged as the top region for the source of these attacks,” stated Dave Polton, global director of innovation at NTT Security. “These figures, combined with those for brute force attacks, should be of very serious concern for any organisation doing business in the EMEA, especially with the European Union (EU) General Data Protection Regulation just around the corner. Any organisation processing data belonging to EU citizens needs to demonstrate that their information security strategy is robust.”

Polton is calling for more active collaboration between business, Government and law enforcement agencies to tackle global threats and ensure measures are in place that will have a long-lasting and positive impact on global security.

Other key EMEA findings

In the EMEA, over half (54%) of all attacks were targeted at just three industry sectors: finance (20%), manufacturing (17%) and retail (17%). Over 67% of malware detected within the EMEA was some form of Trojan.

Top services used in attacks against the EMEA included file shares (45%), websites (32%) and remote administration (17%).

Frank Brandenburg, COO and regional CEO at NTT Security, said: “We all know that no security plan is guaranteed and that there will always be some level of exposure, but defining an acceptable level of risk is important. Clients are starting to understand that, by default, every employee is part of their organisation’s security team. Businesses are now seeing the value in security awareness training, knowing that educating the end user is directly connected with securing their enterprise.”

Brandenburg added: “Expanding cyber education and ensuring employees adhere to a common methodology, set of practices and mindset are key elements. Clients see that assisting and coaching their employees on the proper use of technology will only enhance the organisation’s overall security presence.”

*Download the NTT Security Global Threat Intelligence Report by accessing the following web address: https://www.nttcomsecurity.com/en/gtir-2017

Advertisements

Leave a comment

Filed under Risk UK News

Prolexic Report: ‘Distributed Denial of Service attacks on the increase’

Prolexic’s latest report on Distributed Denial of Service (DDoS) attacks has shown that, compared to this time last year, the number of attacks has increased by 22%. The report also shows that the average attack bandwidth has increased by 72%, while the average peak bandwidth has risen by 241%.

On the positive side, the report states that attack duration has decreased by 54% from an average of 38 hours to 17 hours. Attacks may last for a shorter period, but those attacks are now more frequent and more powerful.

A DDoS attack is an attempt to make a computer network unavailable to its intended users, normally by targeting it with so much data that it slows the network down and renders it unresponsive to its intended users. The largest reported DDoS attack to date was when a client of CloudFlare was targeted, with the peak of this attack reaching 400 gigabits per second.

The DDoS Report by Prolexic has shown that, compared to this time last year, the number of attacks has increased by 22%

The DDoS Report by Prolexic has shown that, compared to this time last year, the number of attacks has increased by 22%

With the threat of cyber attack increasing – something identified in the Business Continuity Institute’s Horizon Scan report, which shows that 73% of business continuity professionals are either’concerned’ or ‘extremely concerned’ by this threat materialising – the technology to counter such attacks has also developed. This could explain why the length of attacks has decreased – as one attack fails, the attacker quickly moves on to an easier target.

Gaming, software and media worlds hit hard

While the length of the attacks has – on average – halved since last year, it’s still worth noting that 17 hours could result in a major outage for the organisation being attacked. If that organisation is reliant upon its network then the consequences may well be dire.

The Prolexic report also reveals the industries most targeted by these types of attack. The gaming industry was the main victim, accounting for nearly half (46%) of all attacks. The report suggests that “gaming attacks are frequently motivated by players trying to gain a competitive advantage, or by malicious actors seeking to steal personal data from players.”

The software and technology industry and the media and entertainment sector accounted for 22% and 15% of attacks respectively, while the financial sector accounts for 10% of all attacks.

The United States was the origin of most attacks, accounting for over 20%. Having not appeared on the list at all in the previous report, Japan wasn’t too far behind with 18% while China accounted for 12% of attacks and Germany 10%.

Leave a comment

Filed under Risk UK News