Ixia Releases First Annual Security Report
March 20 2017 - 7:30AM
Business Wire
Beyond malware increases, attack surface
expansion is compounded by cloud, IoT, and increasing network
segmentation
Ixia (Nasdaq: XXIA), a leading provider of network testing,
visibility, and security solutions, today announced the release of
the first Ixia Security Report, a summation of 2016’s biggest
security events including findings from Ixia’s Application and
Threat Intelligence (ATI) Research Center. The ATI Research Center
leverages the knowledge of hundreds of Ixia engineers, and its
researchers operate a worldwide, distributed network of honeypots
and web crawlers to actively identify known and unknown malware,
attack vectors, and application exposures.
The Ixia Security Report is a reflection of Ixia’s long standing
experience in network and network security test. Combined with the
company’s understanding of large scale network data distribution
systems, Ixia is able to extensively analyze organizations’ network
attack surfaces. Ixia has determined that, while increases in
malware are clearly a major threat to both enterprises and service
providers, network complexity is creating its own vulnerability.
According to an Ixia sponsored survey conducted by Enterprise
Management Associates, the average enterprise is using six (6)
different cloud services and network segmentation is increasing.
However 54% of enterprises are monitoring less than half of those
segments and less than 19% of companies believe that their IT teams
are adequately trained on the wide array of network appliances they
are managing.
“Organizations need to constantly monitor, test, and shift
security tactics to keep ahead of attackers in the fast-paced
threat landscape we all deal with today. This is especially
important as new cloud services and increased IoT devices are
routinely being introduced,” said Steve McGregory, Senior Director
of Application Threat Intelligence at Ixia. “To do this
effectively, organizations must start by studying their evolving
attack surface and ensure they have the proper security expansion
measures in place. Simple but effective testing and operational
visibility can go a long way to improving security.”
Highlights from the ATI Research Center’s 2016 findings
include:
Top Usernames and Passwords
Gaining access to accounts is often done the old-fashioned
way—brute force guessing starting with the obvious. It is shocking
how many network accounts and devices contain default usernames and
passwords. At the top of the list were usernames like “root” and
“admin,” but also “ubnt,” which is the default username for AWS and
other cloud service offerings that use Ubuntu. IoT was also a
notable target with “pi” for Raspberry PI. The passwords topping
the list included favorites like “admin,” “123456,” “support,” and
“password.”
Top Exploited URI Paths and CMS
In computing, a uniform resource identifier (URI) is a string of
characters used to identify a name of a resource, which can be
interacted with via the web using specific protocols. The top
exploited URI paths used for brute force WordPress logins were
/xmlrpc.php and /wp-login.php. Across customers, Ixia’s ATI
Research Center also saw many attempts to scan for the phpinfo()
function and that most URIs attempted for attack were PHP
based.
Malware of Phishing?
Malware continued to dominate over 2016 but there were a few
months—namely June, July, and August—during which ransomware
phishing appeared to have outpaced malware. Top fishing targets
identified by the ATI Research Center included Facebook, Adobe,
Yahoo!, and AOL logins. Adobe updates were the most prevalent
drive-by updates for delivering malware or phishing attacks.
“Understanding your network breadth across physical, virtual,
and cloud assets is critical to protecting it,” said Jeff Harris,
Vice President of Security Solutions at Ixia. “We see that network
segmentation adoption is on the rise, but that up to half of those
segments are not being monitored. We anticipate that network
visibility into every segment, IoT monitoring and AI will be some
of the key security topics in 2017.”
For the full report, please visit
https://www.ixiacom.com/resources/security-report-2017.
About Ixia
Ixia (Nasdaq: XXIA) provides testing, visibility, and
security solutions, strengthening applications across physical and
virtual networks for enterprises, service providers, and network
equipment manufacturers. Ixia offers companies trusted
environments in which to develop, deploy, and operate. Customers
worldwide rely on Ixia to verify their designs, optimize
their performance, and ensure protection of their networks to make
their applications stronger. Learn more
at www.ixiacom.com.
Ixia and the Ixia logo are trademarks or registered
trademarks of Ixia in the United States and
other jurisdictions. All other trademarks used herein are the
property of their respective owners.
Connect with Ixia
LinkedInTwitterIxia BlogYouTube
View source
version on businesswire.com: http://www.businesswire.com/news/home/20170320005387/en/
Ixia Media Contact:Denise Idone, Senior Corporate
Communications ManagerOffice: (631) 849-3500Mobile: (516)
659-7049didone@ixiacom.com
Ixia (NASDAQ:XXIA)
Historical Stock Chart
From Mar 2024 to Apr 2024
Ixia (NASDAQ:XXIA)
Historical Stock Chart
From Apr 2023 to Apr 2024