Tag Archive for: traffic

Barracuda report reveals half of all internet traffic is bot-generated

/in


A recent report by Barracuda, a trusted partner and provider of cloud-first security solutions, has unveiled some rather unsettling discoveries about internet traffic. The report indicates that approximately half (48%) of all internet traffic is now bot traffic, and a relatively significant portion of this- 30%- is attributed to harmful bots.

The findings are part of Barracuda’s latest Threat Spotlight report. It examines how bot traffic has changed over the years and the emerging threats to cybersecurity.

The bad news is that although the percentage of bot traffic has lessened from 39% in 2021 to 30% in 2023, the nature of these bot attacks has evolved and is taking a more dangerous shape.

The categorisation of bots is broadly classified into two types: good and bad. Good bots are search engine crawlers or content monitors which keep the internet functioning, while bad bots are programmed with ill intentions. These can range from basic scraping to advanced distributed denial-of-service attacks.

An analysis of bot traffic origins in the first six months of 2023 shows that the majority (72%) originated from the U.S., followed by the U.A.E (12%), Saudi Arabia (6%), Qatar (5%) and India (5%). Barracuda researchers, however, caution that these figures are skewed towards the U.S., with 67% of the traffic from bad bots hailing from public cloud data centres’ IP ranges.

The researchers further highlighted that the bulk of harmful bot traffic originates from two major public clouds, AWS and Azure. This could be because setting up an account with these service providers is free and relatively easy. Attackers use them to orchestrate bad bot attacks, the report suggests.

The study also discovered that a third of bad bot traffic is generated from residential IP addresses. This is typically a veil, with bot creators using these residential IPs through proxies in a bid to bypass IP blocks and remain undetected.

Reflecting on the findings, Mark Lukie, Director of Solution Architects at Barracuda, Asia-Pacific, says: “The findings show that bots are getting cleverer, and attacks against APIs are increasing. This is likely due to many organisations having weak authentication…

Source…

Deforest police seeking man who fled traffic stop

/in


Critical components of U.S. infrastructure, including hospitals and power plants, are increasingly connected to the internet and are at risk of exploitation from cybercriminals lurking in the world’s darkest corners.

And one specific kind of malware attack has leaders in the private and public sectors sounding the alarm over the last two years: ransomware.

Twingate collected data from the FBI’s 2021 Internet Crime Report to show which infrastructure sectors were most often targeted by ransomware attacks. 2021 was the first year in which the FBI’s Internet Crime Complaint Center began tracking ransomware incidents in sectors considered critical infrastructure.

The FBI’s Internet Crime Complaint Center received 649 reports of ransomware incidents targeting critical infrastructure in 2021. In a memo in the latest report, FBI Deputy Director Paul Abbate described the increase in cyberattacks seen last year—not only in infrastructure sectors but overall—as “unprecedented.”

The FBI defines critical infrastructure as assets or systems that “are considered so vital to the United States that their incapacitation or destruction would have a debilitating effect on our security, national economy, public health or safety.”

Dozens of attacks last year were leveled at government entities, leading the National Association of State Chief Information Officers to name ransomware its top cybersecurity concern in 2021.

But the frequency of ransomware incidents was even more pronounced in the health care, financial services, and information technology sectors, which saw the most recorded attacks of any other infrastructure sector last year, according to the FBI. The military and defense sector reported the fewest incidents, with just one ransomware attack in 2021.

And these culprits aren’t always lone wolf operations seeking the biggest payout. Most ransomware attacks can be linked to state actors who would harbor more motives than financial gain in sponsoring ransomware attacks. Crypto-tracking company Chainalysis reported that most ransomware payments eventually went to Russian-linked hackers.

The FBI recommends updating operating systems and software, implementing…

Source…

Zero-Day Exploits Dominate Malware from Web Traffic in Q1 — THE Journal

/in


Information Security

Zero-Day Exploits Dominate Malware from Web Traffic in Q1

In the first quarter of 2023, a massive 93% of detected malware from encrypted web traffic and 70% of malware from unencrypted web traffic came from zero day malware, according to a new report. And 51 new ransomware variants were detected.

According to WatchGuard Technologies’ Q1 Internet Security Report, part of an ongoing series of quarterly reports on data security across all sectors, “Zero day malware can infect IoT devices, misconfigured servers, and other devices that don’t use robust host-based defenses….”

Meanwhile, on the ransomware front, according to WatchGuard, “In Q1 2023, the Threat Lab tallied 852 victims published to extortion sites and discovered 51 new ransomware variants. These ransomware groups continue to publish victims at an alarmingly high rate; some are well known organizations and companies in the Fortune 500.”

Other trends noted in the Q1 report included:

  • Malware droppers are targeting Linux systems, “a stark reminder that just because Windows is king in the enterprise space, this doesn’t mean organizations can afford to turn a blind eye to Linux and macOS,” according to WatchGuard;

  • Attackers are exploiting browser notifications more now that browsers have more protections in place against abuse of pop-ups;

  • Three-fourths of new attacks in Q1’s top-10 list originated in China and Russia;

  • Exploits targeting Microsoft Office and Microsoft’s end of life products persist; and

  • “Living-off-the-land” attacks — attacks that use a system’s built-in tools to accomplish their goals — continue to rise. “The continued appearance of Microsoft Office- and PowerShell-based malware in these reports quarter after quarter underscores the importance of endpoint protection that can differentiate legitimate and malicious use of popular tools like PowerShell,” according to the report.

The complete report and an executive summary can be accessed free of…

Source…

Nearly half of all internet traffic is now bots, study reveals

/in


The proportion of human traffic on the internet has fallen significantly in recent years, according to the latest research from cyber security firm Imperva (Getty Images/ iStock)

The proportion of human traffic on the internet has fallen significantly in recent years, according to the latest research from cyber security firm Imperva (Getty Images/ iStock)

Nearly half of all internet traffic came from bots last year, according to new research.

Figures from cyber security firm Imperva revealed a significant increase in automated and malicious web activity in 2022, with the proportion of human traffic falling to its lowest level in eight years.

The company noted that so-called “bad bots” were at their highest level since it started tracking the trend in 2013.

Bot activity is expected to increase even further this year, the researchers claimed, due to the arrival of generative AI tools like OpenAI’s ChatGPT and Google’s Bard.

“Bots have evolved rapidly since 2013, but with the advent of generative artificial intelligence, the technology will evolve at an even greater, more concerning pace over the next 10 years,” said Karl Triebes, a senior vice president at Imperva.

“Cyber criminals will increase their focus on attacking API endpoints and application business logic with sophisticated automation. As a result, the business disruption and financial impact associated with bad bots will become even more significant in the coming years.”

Bad bot activity can include anything from spam that clogs up email inboxes, to advanced systems that carry out brute force attacks to hack into people’s emails or online accounts.

Some bots even mimic human behaviour in order to avoid being detected by security software.

Another worrying trend noted in the report was the rise of bots used in warfare, with a 145 per cent spike in automated attacks targeting Ukrainian web applications in early 2022.

These were likely designed to disrupt the country’s critical infrastructure, ranging from energy and telecom, to transport and financial sectors.

“Every organisation, regardless of size or industry, should be concerned about the rising volume of bad bots across the internet,” said Triebes.

“Year-over-year, the proportion of bot traffic is growing and the disruptions caused by malicious automation results in tangible business risks – from brand reputation issues to…

Source…