Network attacks are increasing rapidly and have evolved from simple spam abuse to far more sophisticated forms of network abuse. The most recent 2016 Cyber Attack Statistics from hackmageddon.com show the top motivations behind cyber attacks to be cyber crime, hacktivism, cyber espionage, and cyber warfare. In this blog post, we will explore the history of network attacks and what service providers can do to protect themselves today.
The Evolution Of Network Security
Network security increased in priority as the world became more interconnected with the Internet and advanced networking. As people become more connected, it’s easier to use the Internet to steal their data, their intellectual property, and their identities.
No longer just a concern of governments and the military, network security has become a priority for personal computer users, businesses, and service providers. The structure of the Internet creates potential for security threats, but as attack methods become known, appropriate security measures emerge to combat them. These can include firewalls and encryption technology.
Several key events contributed to the evolution of network attacks and the network security measures needed to combat them:
- In 1918, Polish cryptographers created an Enigma machine that converted plain messages to encrypted text.
- In 1930, Alan Turing, a brilliant mathematician, broke the Enigma code.
- In the 1960s, the term “hacker” was developed by a couple of Massachusetts Institute of Technology (MIT) students.
- During the 1970s, the Telnet protocol was developed. This opened the door for public use of data networks that were originally restricted to government contractors and academic researchers.
- During the 1980s, hackers and crimes relating to computers began to emerge.
- The Computer Fraud and Abuse Act of 1986 was created as a result of Ian Murphy’s crime of stealing information from military computers.
- Following on from this, a graduate student, Robert Morris, was convicted for unleashing the Morris Worm to over 6,000 vulnerable computers connected to the Internet.
- In the 1990s, the Internet became public and the security concerns increased tremendously.
The Escalation In Intensity Of Network Attacks
Juniper Research has revealed that cybercrime is estimated to cost businesses over $2 trillion by 2019, which is almost four times the estimated cost of the breaches in 2015. The research also reports that the majority of these breaches will come from existing IT and network infrastructure.
According to M3AAWG, the types of network abuse most commonly seen include:
- Spam (outbound): Today, spam accounts for 66.41% of all emails. Surveys have found that spam has led to a decreased public confidence and trust in emails.
- Spamvertising (hosted redirect and payloads): Spamvertising occurs when one of your end users’ engage a third party to advertise its web presence. If your service provider receives one of these complaints, you are most likely in the loop either as the sender of the email or the host of the site being advertised.
- Phishing outbound (hosting and inbound for client credentials): Phishing happens primarily when one of your end-user accounts has been compromised.
- Hacked or defaced pages (hosted): Not all hacked accounts are used for phishing. Some may simply be defaced or the end users’ data corrupted or destroyed.
- Child sexual abuse material (hosted client-side): This is a high-priority type of abuse and your service provider should inform the relevant law enforcement authorities. For appropriate handling of these issues, see M3AAWG Disposition of Child Sexual Abuse Materials Best Common Practices.
- Copyright and trademark/intellectual property issues (hosted client-side)
- Malicious signups
- Distributed denial of service (DDoS) and outer outbound hostile traffic
Akamai’s 2016 State of the Internet Security Report showed that Internet and web attacks are escalating both in number, severity, and duration. The report showed there has been a 125% increase in DDoS attacks year on year, and a 35% increase in attack duration.
The only way to manage and prevent these persistent, eroding attacks is with products like AbuseHQ from Abusix, which gives network abuse teams real-time notifications of compromised systems within their environment. This allows to take action quickly and effectively.
To help network abuse teams gain clarity and take action quickly, AbuseHQ integrates into existing infrastructures to provide the insight necessary to identify and shut down network abuse at its source.
To find out more about how AbuseHQ can help abuse desks perform at their best, request your free demo today.