Now on Demand: Threat Detection and Incident Response (TDIR) Summit - All Sessions Available
Connect with us

Hi, what are you looking for?


Network Security

AT&T Sees 30 Billion Malicious Network Scans Daily

Network provider AT&T says it has to deal with large numbers of cyber-attacks each day on its global network, and that it sees around 30 billion malicious scans daily on its IP network.

Network provider AT&T says it has to deal with large numbers of cyber-attacks each day on its global network, and that it sees around 30 billion malicious scans daily on its IP network.

According to Jason Porter, Security Solutions Vice President at AT&T, the company blocks 5 billion malicious scans targeted specifically to the company every day, as attackers are probing for vulnerabilities they can exploit. What’s more, the provider sees 400 million spam messages on its global IP network each day and blocks 200,000 malware events targeted specifically to it.

With an even large number of cyber-attacks happening around the world each day, it’s no surprise that many companies suffer data breaches. In fact, AT&T’s newly published Cybersecurity Insights, “The CEO’s Guide to Cyberbreach Response” report shows that 62% of organizations experienced a security breach last year. However, similar to many other reports, ‘breach’ is not defined by AT&T. As SecurityWeek’s Kevin Towsend asks on the definition of a breach, “If a fairly common virus gets onto the network and is immediately detected, is it still a breach? Or should ‘breach’ be reserved for an attack that actually leads to the loss of data?”

According to AT&T’s research, 42 percent of the orgaizations that admitted experiencing a breach said he negative impact they suffered following was significant. However, only 34 percent of organizations believe they have an effective incident response plan, and only 16 percent of passive companies have a strong incident response plan in place, the report reveals.

The company’s report reveals that AT&T logged over 245,000 distributed denial of service (DDoS) alerts across its global data network over a 12-month period. However, it reveals that traditional brute-force DDoS attacks are not the only threat that organizations of all sizes face daily: concealed attacks such as ransomware are on the rise and pose a significant threat too.

AT&T security report reveals that, over the past year, security incidents have caused major enterprises an average of 23 hours of down time. Furthermore, medium-sized businesses experienced downtime as well, at an average of 14 hours. However, even one or two hours during which operations are down cause millions of dollars in losses for many enterprises, AT&T says.

The purpose of the new security report is mainly that of providing organizations with suggestions regarding the defenses they can put in place. According to AT&T, successful incident response programs begin before a breach occurs and companies should build them as part of a broader strategy. Such programs should include not only the tools and systems to identify and respond to breaches, but also a cross-functional team and frequent testing, the company’s report says.

“Most organizations have invested in a variety of tools, processes, and personnel to help protect sensitive systems and data against these threats. But given the sheer volume of attacks, it’s highly likely that one or more will penetrate your defenses. This is why, in addition to threat prevention and detection, you must invest in a comprehensive incident response plan,” AT&T says.

Advertisement. Scroll to continue reading.

Related: Suffocating Volume of Security Alerts Challenge Incident Response

Related: Incident Response Should Never End

Written By

Click to comment


Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.


SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.


People on the Move

Wendy Zheng named as CFO and Joe Diamond as CMO at cyber asset management firm Axonius.

Intelligent document processing company ABBYY has hired Clayton C. Peddy as CISO.

Digital executive protection services provider BlackCloak has appointed Ryan Black as CISO.

More People On The Move

Expert Insights