SANTA CLARA, Calif., — June 18, 2019 – NSFOCUS, a leader in holistic hybrid security solutions, today released its 2018 Botnet Trend report, which found that botnets in 2018 continued to use distributed denial-of-service (DDoS) as their primary weapon to attack high-speed networks. In the 2018 Botnet report, developed by NSFOCUS Fuying Laboratory, a component of NSFOCUS Security Labs, through continuous monitoring and research of botnets discovered significant changes taking place in the coding of malware used to create bots, operations, and maintenance of botnets and IP Chain-Gangs.
Throughout 2018, NSFOCUS developed profiles on 82 IP Chain-Gangs, groups of bots from multiple botnets acting in concert during specific cyber-attack campaigns. Understanding botnets in general and IP Chain-Gangs, in particular, helps improve defensive strategies and, thus, better able to mitigate attacks.
Key findings in the 2018 Botnet report include:
- NSFOCUS detected 111,472 attack instructions from botnet families that were received by a total of 451,187 attack targets, an increase of 66.4 percent from last year.
- The U.S. (47.2 percent) and China (39.78 percent) were two worst-hit countries when it came to botnet attacks.
- Statistical analysis shows that gambling and porn websites were the most targeted, suffering 29,161 (an average of 79 per day) DDoS attacks throughout 2018.
- Botnets were shifted from Windows platforms towards Linux and IoT platforms, leading to the fast decline of older Windows-based families and the thriving of new IoT-based ones.
- As for platforms hosting Command and Control (C&C) servers, families using IoT platforms, though smaller in quantity, were more active, attracting 87 percent of attackers.
- In 2018, a total of 35 active families were found to issue more than 100 botnet instructions, accounting for 24 percent of all known families. Several families with the highest level of instruction activity accounted for most of the malicious activities throughout 2018
“Security service providers need to adapt their strategies to better mitigate the increasing threats posed by the new generation of botnets, said Richard Zhao, COO at NSFOCUS. “As defenders, we not only need to enhance our capabilities of countering ransomware and crypto miners but also need to improve the protections for IoT devices. While the total number of IoT devices globally surges rapidly and IoT product lines are increasingly diversified, IoT devices still have poor security. Insecure firmware and communication protocols lead to numerous vulnerabilities in IoT platforms.”
To download a copy of the 2018 Botnet report, please visit https://nsfocusglobal.com/2018-botnet-trend-report/
About NSFOCUS, Inc.
NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks. The company’s Intelligent Hybrid Security strategy utilizes both cloud and on-premises security platforms, built on a foundation of real-time global threat intelligence, to provide multi-layered, unified and dynamic protection against advanced cyber attacks.
NSFOCUS works with Fortune Global 500 companies, including four of the world’s five largest financial institutions, organizations in insurance, retail, healthcare, critical infrastructure industries, as well as government agencies. NSFOCUS has technology and channel partners in more than 60 countries, and is a member of the Microsoft Active Protections Program (MAPP), StopBadware.org, and the Cloud Security Alliance (CSA).
A wholly-owned subsidiary of NSFOCUS Information Technology Co. Ltd., the company has operations in the Americas, Europe, the Middle East, and Asia Pacific.