Who~ Numerous organizations and some individuals were recorded in this months sample. When discounting miscellaneous individual attributed attacks, Anonymous, Izz ad Din al-quassam cyber fighters and the Syrian electronic army rank tops in attacks this month. The interesting correlation is the method of attack for each of these groups and their intended targets. Izz ad Din al-quassam cyber fighters targeting banks via DDoS, while Syrian Electronic Army choosing social media hijacking via twitter against news and government targets. Anonymous trending sample did not reveal a common attack or target pattern.
Additional data gathered through global honeypots shows a concentration of bad DNS call backs from malware infections or embedded within malware binaries to domains located mostly in Germany.
What and How~ On the victim side, data from the sample shows government, financial and internet services companies to be number one as favorite targets of attackers this month. Financial companies being hit by DDoS, and a prevalence of government organizations being hit by SQLi attacks. Internet services were mostly targeted through SQLi and DNS hijacking.
Where~ April attacks map shows geo approximate geolocation of victims and the second map shows known attack sources and C&C servers globally as identified by honeynet. Source: http://mtc.sri.com/
No comments:
Post a Comment