Ixia, a leading provider of network testing, visibility, and security
solutions, today announced the release of the first Ixia Security Report, a summation of 2016's biggest security events including findings from Ixia's Application and Threat Intelligence (ATI) Research Center.
The ATI Research Center leverages the knowledge of hundreds of Ixia
engineers, and its researchers operate a worldwide, distributed network
of honeypots and web crawlers to actively identify known and unknown
malware, attack vectors, and application exposures.
The
Ixia Security Report is a reflection of Ixia's long standing experience
in network and network security test. Combined with the company's
understanding of large scale network data distribution systems, Ixia is
able to extensively analyze organizations' network attack surfaces. Ixia
has determined that, while increases in malware are clearly a major
threat to both enterprises and service providers, network complexity is
creating its own vulnerability. According to an Ixia sponsored survey
conducted by Enterprise Management Associates, the average enterprise is
using six (6) different cloud services and network segmentation is
increasing. However 54% of enterprises are monitoring less than half of
those segments and less than 19% of companies believe that their IT
teams are adequately trained on the wide array of network appliances
they are managing.
"Organizations
need to constantly monitor, test, and shift security tactics to keep
ahead of attackers in the fast-paced threat landscape we all deal with
today. This is especially important as new cloud services and increased
IoT devices are routinely being introduced," said Steve McGregory,
Senior Director of Application Threat Intelligence at Ixia. "To do this
effectively, organizations must start by studying their evolving attack
surface and ensure they have the proper security expansion measures in
place. Simple but effective testing and operational visibility can go a
long way to improving security."
Highlights from the ATI Research Center's 2016 findings include:
Top Usernames and Passwords
Gaining
access to accounts is often done the old-fashioned way-brute force
guessing starting with the obvious. It is shocking how many network
accounts and devices contain default usernames and passwords. At the top
of the list were usernames like "root" and "admin," but also "ubnt,"
which is the default username for AWS and other cloud service offerings
that use Ubuntu. IoT was also a notable target with "pi" for Raspberry
PI. The passwords topping the list included favorites like "admin,"
"123456," "support," and "password."
Top Exploited URI Paths and CMS
In
computing, a uniform resource identifier (URI) is a string of
characters used to identify a name of a resource, which can be
interacted with via the web using specific protocols. The top exploited
URI paths used for brute force WordPress logins were /xmlrpc.php and
/wp-login.php. Across customers, Ixia's ATI Research Center also saw
many attempts to scan for the phpinfo() function and that most URIs
attempted for attack were PHP based.
Malware of Phishing?
Malware
continued to dominate over 2016 but there were a few months-namely
June, July, and August-during which ransomware phishing appeared to have
outpaced malware. Top fishing targets identified by the ATI Research
Center included Facebook, Adobe, Yahoo!, and AOL logins. Adobe updates
were the most prevalent drive-by updates for delivering malware or
phishing attacks.
"Understanding
your network breadth across physical, virtual, and cloud assets is
critical to protecting it," said Jeff Harris, Vice President of Security
Solutions at Ixia. "We see that network segmentation adoption is on the
rise, but that up to half of those segments are not being monitored. We
anticipate that network visibility into every segment, IoT monitoring
and AI will be some of the key security topics in 2017."
For the full report, please visit https://www.ixiacom.com/resources/security-report-2017.