Botnets remain a persistent cyberthreat


In 2017, CenturyLink Threat Research Labs tracked an average of 195,000 threats per day impacting, on average, 104 million unique targets - from servers and computers to handheld or other internet-connected devices - due to the work of botnets.

"Botnets are one of the foundational tools bad actors rely on to steal sensitive data and launch DDoS attacks," said Mike Benjamin, head of CenturyLink's Threat Research Labs. "By analyzing global botnet attack trends and methods, we're better able to anticipate and respond to emerging threats in defense of our own network and those of our customers."

Read the CenturyLink 2018 Threat Report: http://lookbook.centurylink.com/threat-report.

Key Observations

-- Geographies with strong or rapidly growing IT networks and infrastructure continue to be the primary source for cybercriminal activity.
-- The top five Asia-Pacific countries by volume of global malicious internet traffic in 2017 were China, South Korea, Japan, India and Hong Kong.
-- The top five Asia-Pacific countries hosting the most command and control servers (C2s), which amass and direct botnets, were China, South Korea, Japan, India and Hong Kong.
-- While countries and regions with robust communication infrastructure unknowingly supplied bandwidth for IoT DDoS attacks, they also represented some of the largest victims based on attack command volume.
-- The top five target countries of bot attack traffic were the United States, China, Germany, Russia and the United Kingdom.
-- The top five Asia-Pacific countries by volume of compromised hosts or bots were China, India, Japan, Taiwan and South Korea.
-- Mirai and its variants have been the focus of consistent news coverage, but in 2017, CenturyLink Threat Research Labs witnessed Gafgyt attacks affecting more victims and with noticeably longer attack durations.

Key Facts

-- CenturyLink collects 114 billion NetFlow records each day, capturing over 1.3 billion security events daily and monitoring 5,000 known C2 servers on an ongoing basis.
-- CenturyLink responds to and mitigates roughly 120 DDoS attacks per day and removes nearly 40 C2 networks per month.
-- The scope and depth of CenturyLink's threat awareness is derived from its global IP backbone, one of the world's largest. This critical infrastructure supports CenturyLink's global operations and informs its comprehensive suite of security solutions, including threat detection, secure log monitoring, DDoS mitigation and network-based security solutions.

Additional Resources

-- Hear Mike Benjamin's key takeaways from the CenturyLink 2018 Threat Report (https://youtu.be/3U1aIJqejjs)
-- Learn how CenturyLink takes cyber intelligence to the next level with expanded view of threatscape (http://news.centurylink.com/2018-04-03-CenturyLink-takes-cyber-intelligence-to-the-next-level-with-expanded-view-of-threatscape)
-- Explore IDC's report: Securing the Connected Enterprise Using Network-Based Security (http://idcdocserv.com/US43638618)

About CenturyLink
CenturyLink (http://www.centurylink.com/) (NYSE: CTL) is the second largest U.S. communications provider to global enterprise customers. With customers in more than 60 countries and an intense focus on the customer experience, CenturyLink strives to be the world's best networking company by solving customers' increased demand for reliable and secure connections. The company also serves as its customers' trusted partner, helping them manage increased network and IT complexity and providing managed network and cyber security solutions that help protect their business.
