Want to improve the security of your ecommerce website?

Learn how

Announcing the Q2 2023 CrowdSec Majority Report

We are thrilled to announce the release of the CrowdSec Majority Report for Q2 2023!

Conceived about a year ago, the Majority Report is a project very close to the hearts of the CrowdSec team. Inspired by the 2002 film, Minority Report, we created the Majority Report to showcase the power of crowdsourced data in detecting malicious behavior and preventing imminent cyberattacks. 

In this quarter’s report, we are exploring global cyber threats, busting the myth of VPN’s popularity in cybercriminal activities, and showing you the most accurate method of evaluating Autonomous Systems (AS).

Let’s take a look at a few highlights from the Q2 2023 Majority Report.

CrowdSec Majority Report

 

Discover Key Insights on Emerging Cyberthreats

 Download Report

IPv6 represents 20% of reported malicious IPs 

Given its high rate of adoption, it comes as no surprise that IPv6 presence in cybercriminal activities has been rising as well. For October 2022–June 2023, the CrowdSec network detected increased new threats linked to IPv6 addresses, effectively accounting for 20% of all malicious IPs. 

Source: CrowdSec Majority Report Q2 2023

Busting the myth of VPN in cybercriminal activities 

VPN’s increased popularity over the past few years definitely got a lot of organizations worried as, according to popular belief, VPNs offer a convenient means of concealment for cybercriminals. 

However, contrary to said belief, the CrowdSec data indicates that VPNs and proxies play a far less significant role in cybercriminal activities with only 5% of all reported malicious IPs being flagged as VPN or proxy.

The importance of the Malevolent Duration metric

Did you ever think that the number of compromised assets is not the most accurate method of evaluating an AS? While larger operators naturally receive a higher number of reports concerning malicious IPs, smaller operators, with fewer affiliated IPs and as a result receiving fewer reports, may be hosting riskier services.

The Malevolent Duration (MD) metric represents the duration in days that users report a malicious IP to the operator. The average MD of all IPs within the same AS reflects the operator’s level of diligence in identifying and addressing compromised assets.

Source: CrowdSec Majority Report Q2 2023

Evaluating AS based on the MD metric can be a catalyst in adopting a proactive cybersecurity approach — as recently dictated by the latest European Regulation on Network and Information Security (NIS2). A lower MD score means that a business faces reduced risk in acquiring a machine flagged as malicious. Consequently, this also decreases the likelihood of legitimate business assets being preemptively blocked by partners, prospects, or potential customers.

Download the CrowdSec Majority Report today to read the full analysis.

CrowdSec Majority Report

 

Discover Key Insights on Emerging Cyberthreats

 Download Report

You may also like

Introducing the New CrowdSec and BunkerWeb Integration
Announcement

Introducing the New CrowdSec and BunkerWeb Integration

We are thrilled to welcome BunkerWeb into the CrowdSec Network and together strengthen collaborative open security for both our communities.

Revolutionizing Security Analysis with CrowdSec and Microsoft Copilot for Security
Announcement

Revolutionizing Security Analysis with CrowdSec and Microsoft Copilot for Security

We are announcing the CrowdSec CTI and Microsoft Copilot for Security integration, which signals a new era of collaborative and intelligent security operations.

Announcing the Release of the CrowdSec Security Engine 1.6
Announcement

Announcing the Release of the CrowdSec Security Engine 1.6

The Security Engine 1.6 is in general availability and it comes with exciting new features and improvements, including the new AppSec Component.