AlienVault, the only open Unified Security Management platform that delivers built-in controls and full visibility, has released an infographic detailing trends in malicious cyber activity. Titled “The 2nd United Nations”, the infographic presents the latest threat data generated by the AlienVault Open Threat Exchange™ (OTX). Here are some key revelations from the infographic:
• China and the United States rank first and second among the top five sources of malicious IP addresses, followed by South Korea, the Russian Federation, and Taiwan.
• Host scanning was the top malicious activity, followed by malware domain, malware IP, spamming, and malicious host.
• Executable files (.exe), HTML content, Zip/RAR archives, PDF, and Flash files were the primary forms of malicious content detected on websites.
The data was collected from 2300 contributions from 77 countries since February 2012. AlienVault has also analyzed more than five million suspicious URLs since the same month. The critical areas of risk include intellectual property, finances, personal privacy, and industrial control systems. The Internet worm Stuxnet, which was produced jointly by the United States and Israel in an attempt to sabotage Iran’s nuclear program and which infected Iranian nuclear material processing centrifuges, is a clear example of an attack on industrial control systems and critical infrastructure. In response, Iranian armed forces also declared plans to establish their own cyber defense headquarters.
Beyond this, a series of attacks has been conducted on the critical infrastructure of the United States since last year: a water plant in Texas disconnected its control system from the Internet after a hacker posted pictures of the facility’s internal controls, hackers penetrated the networks of companies that operate the country’s natural-gas pipelines, and attacks on the nuclear and chemical industries increased. This prompted President Obama to endorse the cybersecurity bill.
Interestingly, the top malicious networks by number of IPs belonged to China, reinforcing China’s reputation for active links to cyber espionage and hacking attacks. A group of U.S. intelligence researchers recently revealed that critical data and e-mail belonging to the president of the European Union Council, Herman Van Rompuy, were stolen by a Chinese hacker group named ‘Comment/Byzantine Candor’. Hackers last summer raided the e-mail of EU Council chief Herman Van Rompuy and 10 other senior officials. Given China’s track record, and according to a survey recently conducted by Massachusetts-based Bit9, China is the ‘most likely actor’ in “nation state” attacks. Although the country is playing nice with the US in cyberwar drills, it has been behind numerous different malware distributions and has even been accused of outright hacking in several instances.