F-Secure’s global honeynet measured twelve times more attack events in H1 2019 than in H1 last year

Helsinki, Finland – September 12, 2019 — /BackupReview.info/ — Cyber criminals upped the intensity of IoT and SMB-related attacks in the first half of 2019, according to a new F-Secure report, “Attack Landscape H1 2019”. The report underscores the threats IoT devices face if not properly secured when online, as well as the continued popularity of EternalBlue and related exploits two years after WannaCry.

F-Secure’s honeypots – decoy servers that are set up to lure in attackers for the purpose of collecting information – measured a twelvefold increase in such events compared to the same period a year ago. The increase was driven by traffic targeting the Telnet and UPnP protocols, which are used by IoT devices, as well as the SMB protocol, which is used by the Eternal family of exploits to propagate ransomware and banking Trojans.

Telnet traffic accounted for the largest share of traffic for the period, with over 760 million attack events logged, or around 26 percent of traffic. UPnP was the next most frequent, with 611 million attacks. SSH, which is also used to target IoT devices, had 456 million attacks. Likely sources of this traffic are IoT devices infected with malware such as Mirai, which was also the most common malware family seen by the honeypots. Mirai infects routers, security cameras, and other IoT devices that use factory default credentials.

Traffic to SMB port 445 accounted for 556 million attacks. The high level of SMB traffic is an indication that the Eternal family of exploits, the first of which was used in the devastating WannaCry ransomware outbreak of 2017, is still alive and well, trying to ravage millions of still-unpatched machines.

“Three years after Mirai first appeared, and two years after WannaCry, it shows that we still haven’t solved the problems leveraged in those outbreaks,” said F-Secure Principal Researcher Jarno Niemela. “The insecurity of the IoT, for one, is only getting more profound, with more and more devices cropping up all the time and then being co-opted into botnets. And the activity on SMB indicates there are still too many machines out there that remain unpatched.”

Other findings from the report include:

  • Countries whose IP spaces played host to the highest numbers of attack sources were China, the US, Russia, and Germany.
  • Countries where the most attacks were directed were the US, Austria, Ukraine, UK, the Netherlands, and Italy.
  • The most common delivery method for ransomware during the period was via remote desktop protocol (RDP) at 31 percent of cases.
  • The greatest share of Telnet traffic came from the US, Germany, UK and the Netherlands.
  • The greatest share of SMB traffic came from China.

The full report is available on F-Secure’s blog – https://blog.f-secure.com/attack-landscape-h1-2019-iot-smb-traffic-abound/

About F-Secure
Nobody has better visibility into real-life cyber attacks than F-Secure. We’re closing the gap between detection and response, utilizing the unmatched threat intelligence of hundreds of our industry’s best technical consultants, millions of devices running our award-winning software, and ceaseless innovations in artificial intelligence. Top banks, airlines, and enterprises trust our commitment to beating the world’s most potent threats. Together with our network of the top channel partners and over 200 service providers, we’re on a mission to make sure everyone has the enterprise-grade cyber security we all need.

Founded in 1988, F-Secure is listed on the NASDAQ OMX Helsinki Ltd.

f-secure.com | twitter.com/fsecure | linkedin.com/f-secure

F-Secure media relations
Adam Pilkey
+358 40 637 8859

Source:  F-Secure

 

 

 

General Tags: CEO interviews, online file storage, online backup news, top rated online backups, online backup services, online data backup, SaaS, online backup providers directory, cloud computing, online backup companies, backing up online, online backup, online file backup, online backup reviews, data storage, compare online backups, software as a service, data security

Like us on Facebook




===========================
Do you like this post? Subscribe to our RSS feed ===========================



Share/Save/Bookmark

Related posts:

  1. Kaspersky Reports More Than 100 Million Attacks Hit Smart Devices in H1 2019
  2. SolarWinds Strengthens Management for Mac Devices with Seamless Monitoring and Protection for Mac and Windows Devices from One Dashboard
  3. Report Finds 18% Rise in DDoS Attacks in Q2 2019
  4. DDoS Attacks via WordPress Now Come with Encryption, Kaspersky Lab Reports
  5. Botnet DDoS Attacks in Q3: More Sophisticated, More Europe-Centric
  6. Kaspersky Lab Finds Number of DDoS Attacks Grows After Long Period of Decline
  7. UBX Cloud Uncovers Hackers Exploiting MSP Software to Launch Ransomware Attacks
  8. Crypto-Ransomware Attacks Rise Five-Fold to Hit over 700,000 Users in One Year
  9. Ransomware Attacks on Small Businesses Increased Eight Times from Q3 2015 to Q3 2016
  10. New Datto Study Exposes Prevalence of Ransomware Cyber Attacks on APAC Businesses

Tags: