In 2018, botnets were shifted from Windows platforms towards Linux and internet of things (IoT) platforms, leading to the fast decline of older Windows-based families and the thriving of new IoT-based ones.
These are among the findings of 2018 Botnet Trend report released by network security provider NSFOCUS.
“As for platforms hosting Command and Control (C&C) servers, families using IoT platforms, though smaller in quantity, were more active, attracting 87 percent of attackers,” the report noted.
“In 2018, a total of 35 active families were found to issue more than 100 botnet instructions, accounting for 24 percent of all known families. Several families with the highest level of instruction activity accounted for most of the malicious activities throughout 2018,” it added.
Richard Zhao, COO at NSFOCUS, sees the need for security service providers to adapt their strategies to better mitigate the increasing threats posed by the new generation of botnets.
“As defenders, we not only need to enhance our capabilities of countering ransomware and crypto miners but also need to improve the protections for IoT devices,” he said. “While the total number of IoT devices globally surges rapidly and IoT product lines are increasingly diversified, IoT devices still have poor security. Insecure firmware and communication protocols lead to numerous vulnerabilities in IoT platforms.”
In 2018, the Botnet Trend report developed by NSFOCUS Fuying Laboratory, detected 111,472 attack instructions from botnet families that were received by a total of 451,187 attack targets, an increase of 66.4% from last year.
It said the United States (47.2%) and China (39.78%) were the two worst-hit countries when it came to botnet attacks.
“Botnets in 2018 continued to use distributed denial-of-service (DDoS) as their primary weapon to attack high-speed networks,” the report added. “Statistical analysis shows that gambling and porn websites were the most targeted, suffering 29,161 (an average of 79 per day) DDoS attacks throughout the year.”