AT&T Sees 30 Billion Malicious Network Scans Daily

Network provider AT&T says it has to deal with large numbers of cyber-attacks each day on its global network, and that it sees around 30 billion malicious scans daily on its IP network.

According to Jason Porter, Security Solutions Vice President at AT&T, the company blocks 5 billion malicious scans targeted specifically to the company every day, as attackers are probing for vulnerabilities they can exploit. What’s more, the provider sees 400 million spam messages on its global IP network each day and blocks 200,000 malware events targeted specifically to it.

With an even large number of cyber-attacks happening around the world each day, it’s no surprise that many companies suffer data breaches. In fact, AT&T’s newly published Cybersecurity Insights, “The CEO’s Guide to Cyberbreach Response” report shows that 62% of organizations experienced a security breach last year. However, similar to many other reports, ‘breach’ is not defined by AT&T. As SecurityWeek’s Kevin Towsend asks on the definition of a breach, “If a fairly common virus gets onto the network and is immediately detected, is it still a breach? Or should ‘breach’ be reserved for an attack that actually leads to the loss of data?”

According to AT&T’s research, 42 percent of the orgaizations that admitted experiencing a breach said he negative impact they suffered following was significant. However, only 34 percent of organizations believe they have an effective incident response plan, and only 16 percent of passive companies have a strong incident response plan in place, the report reveals.

The company’s report reveals that AT&T logged over 245,000 distributed denial of service (DDoS) alerts across its global data network over a 12-month period. However, it reveals that traditional brute-force DDoS attacks are not the only threat that organizations of all sizes face daily: concealed attacks such as ransomware are on the rise and pose a significant threat too.

AT&T security report reveals that, over the past year, security incidents have caused major enterprises an average of 23 hours of down time. Furthermore, medium-sized businesses experienced downtime as well, at an average of 14 hours. However, even one or two hours during which operations are down cause millions of dollars in losses for many enterprises, AT&T says.

The purpose of the new security report is mainly that of providing organizations with suggestions regarding the defenses they can put in place. According to AT&T, successful incident response programs begin before a breach occurs and companies should build them as part of a broader strategy. Such programs should include not only the tools and systems to identify and respond to breaches, but also a cross-functional team and frequent testing, the company’s report says.

“Most organizations have invested in a variety of tools, processes, and personnel to help protect sensitive systems and data against these threats. But given the sheer volume of attacks, it’s highly likely that one or more will penetrate your defenses. This is why, in addition to threat prevention and detection, you must invest in a comprehensive incident response plan,” AT&T says.

Related: Suffocating Volume of Security Alerts Challenge Incident Response

Related: Incident Response Should Never End