TMCnet News
NSFOCUS Identifies IP Chain-Gangs in New Cybersecurity Insights ReportNSFOCUS, a leader in holistic hybrid security solutions, today released its Behavior Analysis of IP Chain-Gangs report, a follow up to their H1 Cybersecurity Insights report, which found that of the 27 million attack sources detected by NSFOCUS, 25 percent were responsible for 40 percent of attack events. In this report, 'IP Chain-Gangs', formerly known as recidivists or repeat hackers, remain more threatening than other attack sources analyzed. In the Behavior Analysis of IP Chain-Gangs report, NSFOCUS introduces the IP Chain-Gang concept, in which each chain-gang is controlled by a single threat actor or a group of related threat actors and exhibit similar behavior among the various attacks conducted by the same gang. The report analyzes the IP Chain-Gangs' attack types, volume, size of events, gang activities, and attack rates. By studying the historical behavior of the 80 gans identified in the report, NSFOCUS built several unique gang profiles to analyze their preferred attack methodologies and how to develop a better defense system against future attacks. Key Findings in the Behavior Analysis of IP Chain-Gangs report include:
"Since botnet activities and DDoS attacks are usually collaboratively launched from multiple sources, it's not surprising to see that many of these recidivists are working together as a group in these attacks," said Richard Zao, senior vice president of global threat research, NSFOCUS. "We believe that this is the first time that DDoS attacks have been studied as coordinated gang activities. Moving forward, we plan to track IP Chain-Gangs' evolving history and study the interconnections among their members. By doing this, we will be better able to detect, mitigate, forensically analyze, and even predict future DDoS attacks." To download a copy of the Behavior Analysis of IP Chain-Gangs report, please visit https://nsfocusglobal.com/behavior-analysis-ip-chain-gangs. About NSFOCUS, Inc. NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks. The company's Intelligent Hybrid Security strategy utilizes both cloud and on-premises security platforms, built on a foundation of real-time global threat intelligence, to provide multi-layered, unified and dynamic protection against advanced cyber attacks. NSFOCUS works with Fortune Global 500 companies, including four of the world's five largest financial institutions, organizations in insurance, retail, healthcare, critical infrastructure industries, as well as government agencies. NSFOCUS has technology and channel partners in more than 60 countries, and is a member of the Microsoft (News - Alert) Active Protections Program (MAPP), StopBadware.org, and the Cloud Security Alliance (CSA). A wholly-owned subsidiary of NSFOCUS Information Technology Co. Ltd., the company has operations in the Americas, Europe, the Middle East, and Asia Pacific. View source version on businesswire.com: https://www.businesswire.com/news/home/20190117005152/en/ |