The global cyber threat landscape by the CrowdSec Community
Based on the CrowdSec data shared by the community, this first edition of the report provides an overview of the main cyber threats identified worldwide. It was issued by leveraging the strength of the CrowdSec global community. Every single day, all members report and exchange cyber threat data with each other, making CrowdSec one of the most significant Cyber Threat Intelligence (CTI) networks on earth. With hundreds of newcomers daily, the detection capabilities of CrowdSec are growing exponentially. And it’s just the beginning.
A cyber threat with many faces
Conducted over the last quarter of 2021, this first edition provides an overview of global cyber threats and highlights the types of cyber attacks reported as well as their origin, the Autonomous Systems (AS) behind the malicious IP addresses, etc.
Here are the key takeaways of this first version:
- The location of malicious IP addresses indicates the networks preferred by hackers to carry out cyber attacks. Both the United States and China have large networks with a significant number of IPs at their disposal, which attracts cybercriminal organizations to use these countries to remain anonymous.
- The most commonly used types of attacks are not necessarily the most complicated. Top of the list is scanning (39%), which detects vulnerabilities in a system, and brute force (34%), which tests a large combination of logins and passwords to gain access to a network.
- The reaction time of operators to remove an IP address identified as fraudulent. Some players are good performers – AWS, for example – while others are much less rigorous, with a slower removal of malicious IP addresses.
- The protection systems favored by the community are mostly concentrated around the firewall (over 80%).
This report aims to raise awareness of the actual weight of the cyber threat today and underline how essential collaboration is to make companies aware of the ever-growing and varied cyber threats. By sharing information between them, companies will better protect themselves from cyberattacks and, above all, build more effective defense strategies.
What kind of information would you like to see in the next edition? Drop by our Discord and let us know!