Describing The Cyber Neigborhood

The Cyber Security Neigborhood Is it Safe?  Link to a page at Fixvirus.com

The internet used to look like this in 1986:

NSFNETimagefromslsc.org

 

And slowly but surely it became more  complex(1991):

internetasof1991slsc.org

So now that the globe is connected, what does the cyber neighborhood look like?  (besides the network connections which are just a massive number of connections that look like a spherical  ball)

Apparently we have 3.3B users on the Internet (as of 2015 survey at internetworldstats.com¹)

When reviewing this issue (Cyber neighborhoods – what are they) I decided to look into the languages used on the Internet. And that is because of how we congregate with like minded people. Humans are creatures of habit and comfort. so the various languages make a binding of s sort.

languagesoftheInternet

 

I made some generalizations, in placing some countries in certain regions.

English is in USA (which includes all English speaking users), because even though one is in Hong Kong as an expatriate it is likely the user will use US based websites.

And so I divided  the globe into three regions due their cultural significance:

Asia, Europe, and USA.  Typically Asian people will have a different way of doing things. And that goes with European and USA users as well.

For the African nations and users even though they are also distinct, I decided to lump them into the other categories since they take on enough uncharacteristic of European and Asian culture depending on their jobs and status.  So obviously there is a bit of a “fudge factor”, but in my estimation acceptable since this is a quick analysis.  (south and Central America are also shaped by USA and Europe)

So if cyber neighborhoods are Asia, Europe, and USA then we have

the beginning of a type of congregation. Where in 2000 the users were maybe a Billion, now they are 3.3B. This will increase higher and higher until almost every person is an Internet user on the planet.

So the trend line is unmistakable from the Cisco analysis last year:

ciscointernetofthings

 

So we are not talking about all ip addresses like Cisco did (50 Billion estimated addresses by 2020)² as that is yet another issue.

The cyber neighborhoods should also include classifying people, businesses, IoT’s and Criminal activity.

 

As the Criminal element has a way of overshadowing others I think we need to keep this in mind upfront and center.

unsavorycharactorsinyourneighborhood

 

China has a big imprint on the world, and it’s corrupt areas of administration in some places which have state-sanctioned cyber espionage. This is a cultural thing,  as in China it is normal to try and take each others inventions and try to redo them in your own method³.

chinapublic

Most interesting is: “It’s not who does it first, but who does it best”

But there should be a caveat in that explanation. It should be who does it best no matter the circumstances.  Even if I copy your product.

As others have noted China is a unique “partner” in our Cyber neighborhood. We do business with it while they are actively stealing our intellectual property if we let them with our plans and all.

So the East European criminal gangs are fighting with Chinese nation-state gangs to get a piece of the USA cyber business.

Europegangs

The culture of Europe is different from the rest of the world, lots of regulations, lots of different languages, it is not unheard of to know 2 or 3 languages. But there are also the backwaters which have more corruption than above board transactions. Greece for example is an anomaly, in the EU, has lots of corruption, has minimum levels of above board transactions, but does not seem to have a major cyber crime element.

 

Whereas several countries in eastern Europe have low GDP’s corruption and large criminal elements.

Maybe we need to subdivide the cultural elements into the following:

  • Criminal element
  • Business
  • Home or Personal
  • Government (local, state, and nation)

 

I don’t think anyone really subdivides their surveys into the above categories so we have to figure out what these are.

The darknet seems to be a place for the criminal element to congregate.  The Daily Dot did some analysis(4), this analysis claimed Tor hidden services are 3.4 percent of Tor traffic.

Some claim the Darknet is much larger than the regular net.

The regular Internet is now not so easy to categorize as in the 90’s where a port number would signify the service and usage. Now there can be encrypted communications  or other setups that hide the true nature of the communication.

Besides if the Criminals only talked to each other in the DarkNet then that would not be a bad thing.

 

What we are really interested in is how everyone connects to all the  Business, Personal, and Government areas.

What are the number of attacks by the criminal gangs?

 

One day there is nothing, and the next there are a lot of attacks. In fact many DOS or DDOS (Distributed Denial Of Services) prequel more attacks so we can at least figure out that information(5).

 

arbortrafficanalysis

In Arbor’s analysis there is  90Tbps (terabitpersec) of traffic around the globe.   90,000,000,000,000.

(the graph shows ~400 attacks on Israel).  which is about 30Gbps 30,000,000,000.)

Looking around the net we find digitalattackmap.com (6)

DDOSattacksonDec182014

These things are not perfect (Attackanalysis) but it looks like the larger attacks(including the Sony attack in that time period) were about 400GB of traffic.

Since we don’t know the traffic total for that year still only 400GB versus even half the amount of 2015 (90TB).  would be 400/45000 = less than 1%.

I surmise the attacks on us by the criminal element are in the neighborhood of 1% since most days everything still works, and no one is the wiser.

So it is not the volume of attacks that are coming  or have been here in the past, it is the unknown attacks slowly bleeding you dry until they are ready to pounce.

Securitymagazine(7)  predicts that Ransomware will increase, since they increased in 2015

2nd quarter 1.2 million new

3rd quarter 400,000 new

there were 4 million ransomware samples seen.

the problem with these reports are the security industry has a reason to inflate the numbers.

And you will likely not read this unless there is a juicy headline.

But the bottom line is we need to investigate our neighborhood and figure out how and what we are being attacked, from where is also important.

 

Contact Us to investigate your situation.

 

 

 

 

  1. http://www.internetworldstats.com/stats7.htm
  2. http://oversitesentry.com/reviewing-all-of-the-changes-in-2015/
  3. https://www.techinasia.com/chinese-companies-copy
  4. http://www.dailydot.com/politics/tor-dark-net-study-size/
  5. http://www.arbornetworks.com/blog/asert/ddos-and-geopolitics-attack-analysis-in-the-context-of-the-israeli-hamas-conflict/
  6. http://www.digitalattackmap.com/#anim=1&color=0&country=ALL&list=0&time=16422&view=map
  7. http://www.securitymagazine.com/articles/86787-ransomware-attacks-to-grow-in-2016