Akamai Technologies' State of the Internet / Security: Carrier Insights Report for Spring 2018 shows that sharing information is an important factor in helping to defend against cyber threats.
The report analyses data from more than 14 trillion DNS queries collected by Akamai between September 2017 and February 2018 from communications service provider (CSP) networks around the world.
The report builds upon the Nominum expertise and highlights the effectiveness of DNS-based security that is enriched with data coming from other security layers. This layered security approach involves gathering various security solutions to collectively protect an organisation's data.
“Siloed understanding of attacks against individual systems isn’t enough for defenders to prepare for today’s complicated threat landscape,” said Yuriy Yuzifovich, director of data science, threat intelligence, Akamai.
“Communicating with varying platforms is critical when acquiring knowledge across teams, systems and data sets. We believe that the DNS queries that our service provides act as a strategic component to arming security teams with the proper data necessary for that big picture view of the threat landscape.”
Collaboration between teams within Akamai played a crucial role in discovering Mirai command and control (C&C) domains to make future Mirai detection more comprehensive. This collaborative analysis suggested an evolution of IoT botnets, from a nearly exclusive use case of launching DDoS attacks to more sophisticated activities such as ransomware distribution and crypto- mining.
The report also identified several specific tendencies that are expected to grow into mainstream threats. For example, given the continuous growth in the number of mobile devices and the improvements in their technologies, it is reasonable to estimate that attackers will put even more focus on this fertile ground for cyberattacks.
Another trend the report predicts is that hacked social network accounts can be used as an alternative for phishing emails (getting unsuspicious “friends” to click on malicious links), for espionage on people or organisations of interest (and there are states and organisations willing to pay for that) and for promoting ‘unsubstantiated news’ to affect people’s opinions on certain topics n(and again, there are organisations that will pay for that).
The detailed report is available here.