MONROE, La., April 17, 2018 /PRNewswire/ -- Businesses, governments and consumers should pay more attention to the risk posed by botnets, according to a new threat report released by CenturyLink, Inc. (NYSE: CTL).
Mike Benjamin, head of the CenturyLink Threat Research Labs, explains how botnets remain a persistent cyberthreat and highlights key findings from CenturyLink's 2018 Threat Report.
The top 10 countries generating malicious internet traffic from a global perspective.
The top ten countries generating malicious internet traffic in Europe.
The top five countries generating malicious internet traffic in Latin America.
The top five countries generating malicious internet traffic in Asia Pacific.
While #Mirai holds the spotlight, #Gafgyt has larger victim pool #cybersecurity
In 2017, CenturyLink Threat Research Labs tracked an average of 195,000 threats per day impacting, on average, 104 million unique targets – from servers and computers to handheld or other internet-connected devices – due to the work of botnets.
"Botnets are one of the foundational tools bad actors rely on to steal sensitive data and launch DDoS attacks," said Mike Benjamin, head of CenturyLink's Threat Research Labs. "By analyzing global botnet attack trends and methods, we're better able to anticipate and respond to emerging threats in defense of our own network and those of our customers."
Geographies with strong or rapidly growing IT networks and infrastructure continue to be the primary source for cybercriminal activity.
The top five countries by volume of global malicious internet traffic in 2017 were the United States, Russia, China, Brazil and Ukraine.
The top five countries hosting the most command and control servers (C2s), which amass and direct botnets, were the United States, Russia, Ukraine, China and Germany.
While countries and regions with robust communication infrastructure unknowingly supplied bandwidth for IoT DDoS attacks, they also represented some of the largest victims based on attack command volume.
The top five target countries of bot attack traffic were the United States, China, Germany, Russia and the United Kingdom.
The top five countries by volume of compromised hosts or bots were the United States, China, Brazil, the United Kingdom and Germany.
Mirai and its variants have been the focus of consistent news coverage, but in 2017, CenturyLink Threat Research Labs witnessed Gafgyt attacks affecting more victims and with noticeably longer attack durations.
Key Facts
CenturyLink collects 114 billion NetFlow records each day, capturing over 1.3 billion security events daily and monitoring 5,000 known C2 servers on an ongoing basis.
CenturyLink responds to and mitigates roughly 120 DDoS attacks per day and removes nearly 40 C2 networks per month.
The scope and depth of CenturyLink's threat awareness is derived from its global IP backbone, one of the world's largest. This critical infrastructure supports CenturyLink's global operations and informs its comprehensive suite of security solutions, including threat detection, secure log monitoring, DDoS mitigation and network-based security solutions.
About CenturyLink CenturyLink (NYSE: CTL) is the second largest U.S. communications provider to global enterprise customers. With customers in more than 60 countries and an intense focus on the customer experience, CenturyLink strives to be the world's best networking company by solving customers' increased demand for reliable and secure connections. The company also serves as its customers' trusted partner, helping them manage increased network and IT complexity and providing managed network and cyber security solutions that help protect their business.
Media Contact: Stephanie Walkenshaw +1 720-888-3084 [email protected]
Share this article