“NETSCOUT brings unique insights to the global threat landscape through their ATLAS infrastructure. While they’re best known for DDoS defense, the company has built an impressive security research organization that digs deep into malware campaigns and botnets at a global level, providing much needed context to the overall threat environment. By studying the infrastructure, the command and control, they’re gathering much of their intelligence straight from the source,” said Rob Ayoub, research director, Security Products program, IDC.
KEY HIGHLIGHTS:
APT groups expand scope
· State-sponsored activity has developed to the point where campaigns and frameworks are discovered regularly for a broad tier of nations. Nation-state APT groups are also using internet-scale intrusions such as NotPetya, CCleaner, VPNFilter for targeted, highly selective campaigns.
Crimeware actors diversify attack methods
· Inspired by 2017’s WannaCry attack, major?crimeware?groups are adopting self-propagation methods that allows their malware to spread faster and more easily. They are also increasingly focused on cryptocurrency mining.
DDoS attacks grow in volume
· DDoS entered the terabit attack era in 2018, as NETSCOUT Arbor successfully mitigated the largest DDoS attack ever recorded at 1.7 Tbps.
· In the first half of 2018, there were 47 DDoS attacks greater than 300Gbps globally, versus only seven during the same period in 2017. Asia Pacific was heavily targeted, with 35 attacks greater than 300Gbps versus only five during the same period in 2017.