
AT&T Sees 30 Billion Malicious Network Scans Daily

Network provider AT&T says it has to deal with large numbers of cyber-attacks each day on its global network, and that it sees around 30 billion malicious scans daily on its IP network.

According to Jason Porter, Security Solutions Vice President at AT&T, the company blocks 5 billion malicious scans targeted specifically to the company every day, as attackers are probing for vulnerabilities they can exploit. What’s more, the provider sees 400 million spam messages on its global IP network each day and blocks 200,000 malware events targeted specifically to it.

With an even larger number of cyber-attacks happening around the world each day, it’s no surprise that many companies suffer data breaches. In fact, AT&T’s newly published Cybersecurity Insights report, “The CEO’s Guide to Cyberbreach Response,” shows that 62% of organizations experienced a security breach last year. However, as in many other reports, ‘breach’ is not defined by AT&T. As SecurityWeek’s Kevin Townsend asks on the definition of a breach, “If a fairly common virus gets onto the network and is immediately detected, is it still a breach? Or should ‘breach’ be reserved for an attack that actually leads to the loss of data?”

According to AT&T’s research, 42 percent of the organizations that admitted experiencing a breach said the negative impact they suffered afterward was significant. However, only 34 percent of organizations believe they have an effective incident response plan, and only 16 percent of passive companies have a strong incident response plan in place, the report reveals.

The company’s report reveals that AT&T logged over 245,000 distributed denial of service (DDoS) alerts across its global data network over a 12-month period. However, it reveals that traditional brute-force DDoS attacks are not the only threat that organizations of all sizes face daily: concealed attacks such as ransomware are on the rise and pose a significant threat too.

AT&T’s security report reveals that, over the past year, security incidents have caused major enterprises an average of 23 hours of downtime. Medium-sized businesses experienced downtime as well, at an average of 14 hours. However, even one or two hours during which operations are down cause millions of dollars in losses for many enterprises, AT&T says.

The main purpose of the new security report is to provide organizations with suggestions regarding the defenses they can put in place. According to AT&T, successful incident response programs begin before a breach occurs, and companies should build them as part of a broader strategy. Such programs should include not only the tools and systems to identify and respond to breaches, but also a cross-functional team and frequent testing, the company’s report says.

“Most organizations have invested in a variety of tools, processes, and personnel to help protect sensitive systems and data against these threats. But given the sheer volume of attacks, it’s highly likely that one or more will penetrate your defenses. This is why, in addition to threat prevention and detection, you must invest in a comprehensive incident response plan,” AT&T says.
