At the end of 2016, various reports predicted cyber-attacks could double in 2017. True to those prognostications, F-Secure Labs has logged an overall increase of 223% in traffic to its honeypots as compared with H2 2016.
“Some of this jump in volume can be attributed to improvements made in our backend systems and the addition of new honeypots to the network, but given the considerable surge, it is our belief that attacks are also simply on the increase,” the firm said in its report shared with Infosecurity on the findings. “The constantly evolving nature of the ecosystem, the increased automation and distribution of attack tools, ever-expanding attack surfaces, and highly charged geopolitical events are all likely contributing factors.”
F-Secure found that in the last half of 2016, the top five sources of activity were Russia, the Netherlands, the US, China, and Germany. In 2017, Russia re-appeared in the top spot for sources of attacks, accounting for 44% of traffic. Following Russia was the US, with about 15% of traffic, the Netherlands with 7%, Belgium and Germany with 6% each, and China with 5%. The top 10 source countries accounted for 87% of all traffic detected.
It also delved into who has been attacking who: “When it comes to the more specific question of which countries are attacking which, the greatest number of attacks came from Russia targeting the US, followed by Russia targeting the Netherlands, the Netherlands targeting the US, and Belgium targeting the US,” the report found.