NTT Security finds 86 percent of Australia's attacks come from within

NTT Security's latest Global Threat Intelligence Report has found the majority of all attacks experienced in Australia during a 12-month period originated in Australia.
Written by Asha Barbaschow, Contributor

86 percent of the total attacks experienced by Australia during a 12-month period originated from within the country's borders, a report from NTT Security has found.

The United States was the source of 9 percent of the total attacks, while Germany accounted for 1 percent.

According to the NTT Security Global Threat Intelligence Report 2017, remote administration was the top service used in attacks against Australia, with 43 percent using such method. Similarly, file shares accounted for 40 percent and voice over IP was used by 7 percent of attacks.

In preparing its report [PDF], NTT said it analysed global threat trends based on log, event, attack, incident, and vulnerability data from October 1, 2015 through September 31, 2016.

NTT said it identified more than 6 billion attempted attacks globally over the 12-month period -- around 16 million attacks per day.

In Australia, three industries were targeted in 81 percent of all attacks observed: Finance with 34 percent of the total, retail with 27 percent, and business and professional services with 20 percent.

Over 93 percent of the malware detected within Australia during the 12-month period was some form of Trojan. Kaspersky Lab had highlighted previously that Australia has one of the highest rates of penetration -- or attempted penetration -- when it comes to mobile banking Trojans, with the country experiencing 1.42 percent of all infections recorded globally, second only to Russia.

Meanwhile, over 70 percent of application attacks against Australian targets attempted remote code execution, NTT said, with over 50 percent of application attacks in Australia targeting bash.

Distributed denial-of-service (DDoS) attacks, as experienced by the Australian Bureau of Statistics on Census night last year and most recently by Australian domain name registrar Melbourne IT, was the top attack category, according to NTT, accounting for 23 percent of the total attacks measured in Australia. Website application attacks accounted for 19 percent.

DDoS attacks accounted for merely 6 percent of total attacks experienced globally.

A report from the Australian Cyber Security Centre (ACSC) published last week found that 90 percent of organisations in Australia claim to have faced some form of attempted or successful cybersecurity compromise during the 2015-16 financial year.

The ACSC found that the 113 surveyed organisations faced numerous malicious cyber threats on a daily basis, with spear phishing emails alone affecting organisations up to "hundreds of times a day".

Globally speaking, NTT reported that phishing attacks were responsible for as much as 73 percent of malware being delivered to organisations, with the US the country of origin for 41 percent and the Netherlands for 38 percent of all phishing malware.

Nearly 30 percent of attacks detected worldwide targeted end-user technology like Adobe products, Java, and Microsoft Internet Explorer, the report said, while the three technologies found on end-user computers that were targeted most throughout the year were Adobe Flash Player, Microsoft Internet Explorer, and Microsoft Silverlight.

77 percent of all detected ransomware covered four industries: Business and professional services accounting, government, healthcare, and retail. The finance industry was the only one to appear in the "top three most attacked industries" in all six geographic regions analysed by NTT.

In addition, NTT highlighted that Australia was the country of origin for 3 percent of overall attacks on Japan, with 85 percent stemming from the US and 8 percent from the UK.

In both North and South America, the US was the source of 55 percent of total attacks, with 17 percent originating from China.

Editorial standards