NTT Security, a Top 100 MSSP for 2018, has integrated network analytics technology into its Managed Security Services (MSS). The technology helps MSS customers detect and defend against cyberattacks launched on botnet infrastructure, according to a prepared statement.
MSS network flow data analysis uses machine learning and streaming analytics to provide visibility into worldwide Internet traffic, NTT stated. By doing so, it enables NTT to identify attacks on customers' Internet-connected devices in real-time.
In addition, MSS can detect command-and-control (C&C) servers, NTT said. This ensures NTT security analysts can identify C&C server data, evaluate cyber threats and determine the best ways to address these dangers.
Botnet Attacks on the Rise
A botnet is a series of Internet-connected devices, and it may be used to perform repetitive website tasks. However, cybercriminals are increasingly using botnets to launch malware, ransomware and distributed denial of service (DDoS) attacks.
Recent botnet attacks include:
- IoTroop/Reaper: Used Internet of Things (IoT) devices to administer malware to an estimated 1 million organizations worldwide.
- Necurs: Delivered banking Trojans and ransomware threats in batches of millions of emails at a time.
- WireX: Leveraged malicious applications to create DDoS traffic on Android devices.
There was a 37 percent year-over-year increase in botnet C&C listings in 2017, according to research from global cyber threat intelligence organization Spamhaus. Among these listings, 68 percent were hosted on servers run by threat actors.
Botnet Security Tips
2017 was "the year of the botnet," threat management platform provider RiskIQ indicated. As more organizations leverage IoT devices and various Internet-connected systems, the number of botnet attacks could rise in 2018 and beyond.
Organizations can combat botnet attacks in a variety of ways, including:
- Use malware detection tools.
- Keep your computer's operating system up to date and install security system updates regularly.
- Do not download email attachments or open email links from senders that you do not recognize.
- Leverage a firewall when browsing the Internet.
MSSPs also can provide cyberattack detection and remediation, threat intelligence and other cybersecurity services to help organizations identify and address botnet attacks. Furthermore, they can teach organizations about botnet attacks and help them tailor their cybersecurity strategies accordingly.