Around 51 million cyber attack have been recorded between April to December 2021 on the Data Centres Network based Threat Intelligence sensors network specifically simulated in India, stated a report by The Institution of Electronics and Telecommunication Engineers (IETE) and CyberPeace Foundation (CPF) along with Autobot Infosec Private Limited. The study is a part of CyberPeace Foundation’s e-Kawach programme.
It was found that during the aforementioned time span the deployed network instance captured a total number of 50,477,393 attack events from a total number of 40937 Unique IP addresses globally, it said.
The mostly attacked destination protocols were HTTPS (44.277%), SSH (23.743%), HTTP (19.305%); and SMTP (6.621%).
The study also found a total number of 26,166 usernames that were used to log into the networks by attackers while a total number of 80,282 passwords were found that were used to log into the networks by attackers.
According to the report, during the threat analysis it was identified that after compromising the environment, attackers tried to run multiple terminal commands and also tried to download malicious payloads on the system.
It was found a total number of 131,388 unique terminal commands were run in the system while a total number of 1,262 unique payloads have been identified that were injected to the environment. The payloads include the malicious files like botnet, trojan etc.
Some advisories in the report suggest non exposure of services like SSH, HTTP, HTTPS, SMTP, SMB, MSSQL, MYSQL unnecessarily to the internet. Network firewalls should always be patched with latest security updates.