TRENDS
- ~50% increase in attacks from China
- 173% increase in Linux/Unix Bruteforce Attempts
TOP ATTACKER COUNTRIES
| Country |
Attackers |
Percentage |
| China |
644 |
34.1% |
| United States of America |
324 |
17.2 |
| Vietnam |
132 |
7% |
| Russia |
114 |
6% |
| Korea |
106 |
5.6% |
| Brazil |
87 |
4.6% |
| France |
61 |
3.2% |
| India |
56 |
3% |
| Argentina |
44 |
2.3% |
| Germany |
38 |
2% |
| Taiwan |
38 |
2% |
| United Kingdom |
36 |
1.9% |
| Ukraine |
33 |
1.7% |
| Thailand |
31 |
1.6% |
| Italy |
29 |
1.5% |
| Netherlands |
28 |
1.5% |
| Australia |
23 |
1.2% |
| Canada |
22 |
1.2% |
| Hong Kong |
21 |
1.1% |
| Bulgaria |
20 |
1.1% |
THREAT GEOLOCATION
TOP ATTACKING HOSTS
TOP 5 ATTACKING NETWORKS
| AS4134 |
CHINANET Zhejiang province network |
| AS4837 |
China Unicom AnHui province network |
| AS57043 |
United Protection (UK) Security LIMITED |
| AS4134 |
CHINANET Jiangsu Province Network |
| AS11014 |
CPS |
TOP ALARMS
| Alarm |
No. of Occurrences |
| Delivery & Attack - Bruteforce Authentication - SSH |
389 |
| Environmental Awareness - OTX Indicators of Compromise - PULSE |
282 |
| Delivery & Attack - WebServer Attack - SQL Injection - Attack Pattern Detection |
4 |
| Delivery & Attack - Bruteforce Authentication - Linux/Unix |
167 |
| Exploitation & Installation - WebServer Attack - XSS |
3 |
Comparison to Previous Report
| Alarm |
No. of Occurrences |
| Delivery & Attack - Bruteforce Authentication - SSH |
310 |
| Environmental Awareness - OTX Indicators of Compromise - PULSE |
106 |
| Delivery & Attack - WebServer Attack - SQL Injection - Attack Pattern Detection |
4 |
| Delivery & Attack - Bruteforce Authentication - Linux/Unix |
12 |
| Exploitation & Installation - WebServer Attack - XSS |
3 |
ALARMS
 |
Multiple Failed Logins in Short time |
 |
SSH Insecure Connection Attempt (Scan) |
|
Failed Password |
|
Invalid User |
| Note: |
As per previous reports these all appear to be completely random scanning bots |
|
WebServer Attack - SQL Injection Attempt |
|
WebServer Attack - XSS |
