thailand threat telemetry 2016 by fortinet thailand

© Copyright Fortinet Inc. All rights reserved.

FortiGuard Labs Threat TelemetryThailand1 January – 1 December 2016

FortiGuard LabsSince 2000, FortiGuard Labs has provided in-house, industry-leading security intelligence and research, powering Fortinet’s platform and delivering a suite of advanced services

Industry Leading Patented Security Technology

3

FortiGuard Labs’ Threat Telemetry

FortiGuard Labs’ threat telemetry is obtained from our sensors that are deployed in multiple locations across the globe. This presentation will focus on threat telemetry in Thailand

from 1 January – 1 December 2016.

FortiGuard Labs’ threat telemetry is obtained from our sensors that are deployed in multiple locations across the globe. This presentation will focus on threat telemetry in Thailand

from 1 January – 1 December 2016.

4

Top 5 IPS Events 2016

0 500 1000 1500 2000

NTP.MONLIST.COMMAND.DOS

MS.DNS.WINS.SERVER.INFORMATION.SPOOFING

WORDPRESS.XMLRPC.PINGBACK.DOS

WORDPRESS.LOGIN.BRUTE.FORCE

NETCORE.NETIS.DEVICES.HARDCODED.PASSWORD.SECURITY.BYPASS

Millions

5

Top 5 Malware 2016

0 20 40 60 80 100 120 140 160 180 200

JS/NEMUCOD.76CD!TR.DLDR

JS/NEMUCOD.BQM!TR

VBS/AGENT.97E!TR

VBS/AGENT.LKY!TR

JS/NEMUCOD.6957!TR.DLDR

Thousands

6

Monthly Malware Detections 2016

7

Malware Detections By Industry 2016

Education53.95%

Technology42.36%

Manufacturing2.31%

Food & Beverage

0.66%

Media/Communications0.25%

Government0.18%

Retail/Hospitality0.08%

Consulting0.08%

Banking/Finance/Insurance0.07%

Healthcare0.06%

Other3.69%

8

Thailand Top 5 Ransomware 2016

0 500 1000 1500 2000 2500

CRYPTOWALL

CERBER

LOCKY

TORRENTLOCKER

TESLACRYPT

Thousands

9

Thailand Monthly Top 5 Ransomware Activity 2016

0

100

200

300

400

500

600

2016/01 2016/02 2016/03 2016/04 2016/05 2016/06 2016/07 2016/08 2016/09 2016/10 2016/11

Thou

sand

s

CerberCryptoWallLockyTeslaCryptTorrentLocker

10

Thailand Top 5 Mobile Malware 2016

0 10000 20000 30000 40000 50000 60000

ANDROID/QYSLY.S!TR

ADWARE/DOWGIN!ANDROID

ANDROID/TRIADA.J!TR.BDR

ANDROID/ZTORG.A!TR.BDR

ADWARE/EWIND!ANDROID

11

Top 5 Exploit Kits 2016

0 200 400 600 800 1000 1200 1400 1600 1800 2000

ANGLER.EXPLOIT.KIT

NEUTRINO.EXPLOIT.KIT

RIG.EXPLOIT.KIT

DOTKACHEF.EXPLOIT.KIT

GENERIC.EXPLOIT.KIT.DETECTION

12

Top 5 Botnets 2016

0 5 10 15 20 25 30 35 40

ANDROMEDA.BOTNET

NECURS.BOTNET

H-WORM.BOTNET

SALITY.BOTNET

IMDDOS.BOTNET

Millions

13

Monthly Botnet Detections 2016

14

Botnet Detections By Industry 2016

Education83.17%

Healthcare5.73%

Food & Beverage4.51%

Technology3.02%

Legal2.11%

Manufacturing0.73%

Banking/Finance/Insurance0.60%

Government0.13%

Media/Communications0.00%

Other3.57%

15

Top 5 OpenSSL Attacks 2016

0 20 40 60 80 100 120 140 160

OPENSSL.TLS.HEARTBEAT.INFORMATION.DISCLOSURE

OPENSSL.CHANGECIPHERSPEC.INJECTION

OPENSSL.HEARTBLEED.ATTACK

OPENSSL.CHACHA20.POLY1305.HEAP.BUFFER.OVERFLOW

SSLV2.OPENSSL.GET.SHARED.CIPHERS.OVERFLOW.ATTEMPT

Thousands