CNET is reporting some interesting new information on the threat landscape. Get this:
- Ports 80 and 443 are the most targeted ports for attacks. Previously that honor went to Microsoft port 445, which is now in third. MS ports 1433 and 3389 (SQL services and Terminal Services) round out the top five.
- Indonesia is the worldwide leader in cyberattacks, as the origin of 38% of all malicious traffic. China comes in second with 33% and the US is in third place with 6.9%.
What can we glean from these two points of data?
The first leads me to believe that hackers are finding web-based attacks more profitable. Port 445 allows hackers to infect a PC, but ports 80 and 443 allow hackers to infect machines through a web browser. Web attacks are just becoming more attractive, especially as users seem to be moving away from PCs.
The second point of data is a bit muddy, since this finding is determined by IP address only. It's entirely possible that hackers in the US (or anywhere else) are launching attacks from hijacked machines in China and Indonesia. Still, this indicates that Indonesia's growing IT infrastructure is attractive to hackers. The country has a fast-growing population of Internet users, and they have a lot of vulnerable systems.
- Vulnerability Protections, XML Firewall
- Data Loss Prevention
- Rate Control, Cloaking, Adaptive Profiling
- Client IP Reputation
- LDAP and RADIUS Authentication
- Single Sign-On, Two Factor Authentication
- Access Control
- SSL Offloading
- Load Balancing, Content Caching, Data Compression
- Connection Pooling, Appliance Clustering
- Web Server High Availability
- Dashboard, Web Access Control
- Logging, Reports, Syslog Support
- Blocks known spyware sites, downloads, and other activity
- Integrated anti-virus detection, file type blocking
- Filters URLs by category, domain, or pattern
- Image/multimedia safe search
- SSL inspection
- Auto-redirect capabilities for YouTube for Schools
- Remote filtering through the Barracuda Web Security Agent and the Barracuda Safe Browser
- Port/Protocol based control, Instant message blocking
- Granular control of Web 2.0 applications and social media
- Deep packet inspection and suspicious activity alerts
- Flexible policies through users, groups, IP groups
- Centralized management
And of course, keep educating your users to be aware of web-based attacks.
For more information on the latest web-based threats, follow our research team over at Barracuda Labs.