As we look back now, it is amazing to remember all the things we achieved together and all the threats BitNinja saved us from since the start of the year. Here’s a five minute summary of what we have been up to in 2018. Hacker-free new year to everyone! See you in 2019!
Thank you for an amazing 2018!
First of all, we’d like to say thank you for your engagement and support all around the year. You inspire us to achieve the best security solution available, to develop our community and to deepen our knowledge of every aspect of cybersecurity.
Thanks for being such great partners and reaching these amazing milestones with BitNinja:
Top-notch Linux Server Security
2018 started with two critical CPU vulnerabilities. Desktops, laptops, smartphones, tablets, cloud devices, servers… All of them got endangered by Meltdown and Spectre. Another punch at server owners' face was Drupalgeddon#3, where we had to act quick and patch it in 48 hours. And threats just kept coming over the year...
There's no question that BitNinja left its mark on the cybersecurity industry this year, too. How do we know that?
1,555,552,253 stopped attacks worldwide must have been a pain in the... eye of the hackers. The dispersion was something we had counted on, having the majority of the attacks at Q3 and Q4, as we predicted in our Black Friday attack note.
The attack trends weren’t really surprising - they showed huge similarity with the former years’ statistics.
Our Port Honeypot module was the busiest, as usual, capturing millions of port scans and sweeps over the year. Most of the time, this is the very first phase of automated web attacks, so it's no wonder it won the first prize.
As our honeypot modules stopped all these attacks proactively and grey/blacklisted the attackers quickly, other modules, like the WAF, Log Analysis and DoS Detection had much less to do.
The list of the heavily scanned ports hasn’t changed much since we last tracked them. Telnet is still on top of the list, and the only one ruining its position was port 119 jumping by place #29 to #6.
But it’s worth taking a look at the most common attack types of 2018 - captured by BitNinja - as well.
Watch out WordPress hosters! 5 attack types of the Top10 list are used to hack into the servers through WordPress. Here you can see the shortlist for the graph above:
Malware infections were still a hit, here you can see the quarantined malware infections by BitNinja through the weeks.
Our WAF 2.0module - debuted this year - and you guys started to use it slowly but steadily. We’ve tested and tailored the rulesets during the last months so you can get the best value out of its protection. It has already captured 7,806,72 web attacks!
Looking at the analytics, the most frequently triggered rules are related to:
Remote File Inclusion (RFI) - A common attack that remotely uploads malicious scripts to an application's server and results in information theft and compromised websites. Read more about RFI in our previous article.
The most active botnet of the year was the HelloPeppa, emerging over the summer:
Considering the top-attacking countries, China - no surprise - is No1. Nonetheless, many infected servers tried to attack our defense network from Brazil, the USA, Russia, Vietnam, and India, too. We’ll continue working on making the Internet a safer place and increasing the number of BitNinja-protected servers in those countries as well. 😉
One last thing
We’re dedicated to develop the best security for your servers and keep your business successful, without security issues.
What’s waiting for you in 2019?
Just to mention some - an upgraded Malware Detection module, a brand new Dashboard to help your daily job, a false positive terminator to keep FP rates low, new feature against phishing sites, and new integrations for your convenience.
Proactive server protection from a centralized, easy-to-use console. Secure your web servers and customers’ websites against all kinds of cyber threats with our multi-layered security tool
This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.
Strictly Necessary Cookies
Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.
If you disable this cookie, we will not be able to save your preferences. This means that every time you visit this website you will need to enable or disable cookies again.