Botnet Activity and Malformed DNS Packets – This broad category accounted for more than half (53%) of the suspicious activity found.
DNS tunneling was the next most common. Although it has legitimate business uses, attackers are increasingly using it to bypass corporate firewalls, so any instance of tunneling detected on your own network should be given a higher level of scrutiny.
Zeus malware (17%) and DDoS traffic (15%) were the next most common types of suspicious activity. As anyone who has ever faced a determined DDoS (distributed denial of service) attack can tell you, they’re brutal, and even where they don’t succeed, they put an enormous strain on corporate digital resources.
After that, the Cryptolocker ransomware was found in 13% of the networks reviewed, and Amplification and Reflection traffic in 12%. Perhaps most disturbing of all, however, was the fact that Heartbleed vulnerabilities were found on 11% of the networks examined. This comes after more than a year of concerted effort by multiple parties to help companies upgrade and avoid SSL vulnerabilities, yet a significant percentage of corporate networks inexplicably still haven’t done so.
What’s good about having access to this list is that it identifies the most common threats you can expect to face. If you know what the most common threats are, you can take specific steps to guard against them. Granted, doing so won’t provide you with bulletproof protection, but if you know you’re protected against the most common threats likely to be deployed against you, you’re miles ahead of the game.