Cyber attacks, ransomware were unrelenting throughout 2019

Cyber attacks, ransomware were unrelenting throughout 2019
04.03.2020 09:15 am

Cyber attacks, ransomware were unrelenting throughout 2019


Cyber criminals continued a barrage of attacks in 2019, spurred on by botnets of infected IoT devices and by attacker interest in the Eternal Blue vulnerability. A new report from cyber security provider F-Secure, Attack Landscape H2 2019, documents a steep increase in attack traffic in 2019 that was unmatched by previous years.

F-Secure's global network of honeypots saw 2.8 billion attack events in the second half of the year. After 2.9 billion in the first half of the year, the yearly total rings in at 5.7 billion attacks. For comparison, 2018 saw just over 1 billion attacks, while 2017 saw 792 million.

Traffic was dominated by attacks hitting the SMB protocol, indicating attackers are still very much interested in using worms and exploits related to Eternal Blue. Telnet traffic and attacks hitting SSH were also high, indicating continued, high attacker interest in IoT devices. Malware found in the honeypots was dominated by various versions of Mirai.

While ransomware spam was observed to have dropped during the course of the year, ransomware itself became more targeted and impactful, inflicting greater damage, targeting enterprises, and demanding sums in the hundreds of thousands of dollars. Modular malware employed a range of tricks, one of which was dropping ransomware as a second stage payload.

The report also features a look back at the past ten years of information security, a decade marked by spates of breaches, the emergence of nation state malware, and devastating supply chain attacks. But going forward, there is reason for optimism, says Mikko Hypponen, Chief Research Officer at F-Secure.

“The last decade was pretty bad for information security, but the next one will be better,” says Hypponen. “It doesn't always look like it, but we are getting better. In the middle of news on major breaches and data leaks, it might look like it's getting worse, but it isn't. If you look at the level of security tools we were using in 2010 and today, it's like night and day. We are going in the right direction.”

Other findings from the report include:

  • Countries whose IP spaces played host to the highest numbers of attack sources were the US, China, Russia, and Ukraine.

  • Countries where the most attacks were directed were the Ukraine, China, Austria, and the US.

  • The most common delivery method for ransomware during the period was via manually installed/second stage payloads at 28%, followed by email/spam.

  • The greatest share of Telnet traffic came from the US, Armenia, the UK, Bulgaria, and France.

  • The greatest share of SMB traffic came from the Philippines and China.

“Spam continued to be popular amongst attackers in 2019. It preys on unsuspecting individuals, making the lack of awareness about threats a weak link for companies, and a lucrative target for malware authors,” says Calvin Gan, Manager at F-Secure's Tactical Defense Unit. “And with attacks becoming more sophisticated, such as ransomware infections that escalate into data breaches, it’s more important than ever for organizations to improve their cyber defenses in preparation for these attacks.”

Related News

Bitdefender launches Digital Identity Protection to safeguard the most valuable asset you have, your online reputation

As the professional world moves increasingly online, Bitdefender, a leading global cybersecurity company protecting over 500 million systems worldwide, is... Read more »

KYND debuts in the Global CyberTech100 for 2020

The top 100 global CyberTech companies providing cyber defences were announced today by FinTech Global.

KYND Limited, a provider of pioneering cyber risk management... Read more »

Sysnet Global Solutions Strengthens Senior Leadership Team

 Sysnet Global Solutions, a leading provider of cyber security and compliance solutions, has today announced several key... Read more »

World’s first real-time money laundering monitoring game released

With the Covid-19 epidemic spurring an increase in cybercrime, compliance professionals are being given a chance to test their detection skills by playing the world’s first... Read more »

Mastercard Provides Free Cybersecurity Tools for Small Businesses in Canada

Free cybersecurity assessments from RiskRecon, a Mastercard company, will help small businesses protect their environments during the COVID-19 crisis

As small businesses... Read more »

Free Newsletter Sign-up
+44 (0) 208 819 32 53 +44 (0) 173 261 71 47
Download Our Mobile App
Financial It Youtube channel