TTPwire Vol. 1 · MITRE ATT&CK·Tagged

← All stories

F5 Labs

Regional Threat Perspectives, Fall 2019: Latin America

2019-12-03 · Read original ↗

ATT&CK techniques detected

9 predictions
T1071.001Web Protocols
93%
“and ensure that no single region is overrepresented in the total data analysis. latin american was the only region to receive malicious traffic attributed to source ip addresses assigned in venezuela, costa rice, colombia, and chile. traffic from ip addresses in these countries a…”
T1071.001Web Protocols
79%
“regional threat perspectives, fall 2019 : latin america f5 labs, in conjunction with our partner baffin bay networks, research global attack traffic region to region to gain a deeper understanding of the cyber threat landscape. aside from attack campaigns targeting the entire int…”
T1078Valid Accounts
76%
“internet receive, the likelihood of vulnerabilities existing, and the amount of compromised credentials available to attackers. when you take an “ assume breach ” defensive position, you are collecting attack traffic and monitoring your logs. you can use this high - level attack …”
T1071.001Web Protocols
63%
“we refer to these as “ top source traffic countries. ” ip addresses assigned to brazil launched the most malicious traffic against systems in latin america from august 1, 2019, through october 31, 2019. the top 10 source traffic countries during this period were : brazil venezuel…”
T1071.001Web Protocols
56%
“filter since typically businesses want to remain accessible to customers in their region. latin america also received a considerable amount of traffic from ip addresses assigned in argentina ( position 11 ). latin america was one of two regions to receive malicious traffic from a…”
T1133External Remote Services
50%
“internet receive, the likelihood of vulnerabilities existing, and the amount of compromised credentials available to attackers. when you take an “ assume breach ” defensive position, you are collecting attack traffic and monitoring your logs. you can use this high - level attack …”
T1071.001Web Protocols
39%
“, russia, and the middle east saw the most unique ip addresses attacking their systems. in latin america the top attacking ip addresses were very geographically spread out, with 8 ip addresses being the only one from their country. as mentioned in the top source traffic countries…”
T1046Network Service Discovery
37%
“, russia, and the middle east saw the most unique ip addresses attacking their systems. in latin america the top attacking ip addresses were very geographically spread out, with 8 ip addresses being the only one from their country. as mentioned in the top source traffic countries…”
T1584.005Botnet
36%
“the region, more than ip addresses assigned to the venezuela, in second place. latin america was also one of two regions targeted by attack traffic assigned to ip addresses in argentina. - three of the top five ip addresses launching attacks against systems in latin america were …”

Summary

Latin American systems received more attacks from IP addresses within the region that coincidentally did not attack anywhere else in the world.