A comprehensive dataset of the global cybersecurity threat landscape, spanning 2007 to 2017, was developed to enable cybersecurity specialists to derive new insights and predict future malicious online activity (mal-activity).
As reported, FinalBlacklist is the first and largest publicly available dataset of its kind.
Researchers from CSIRO’s Data61, the data and digital specialist arm of Australia’s national science agency, are working with researchers from Macquarie University, in collaboration with the University of Sydney and Nokia Bell Labs.
Largest global cybersecurity dataset
The researchers collected a total of 51.6 million mal-activity reports dating back to 2007 involving 662,000 unique IP addresses worldwide.
These were categorised using machine learning techniques into six classes of mal-activity. These are:
- Malware
- Phishing
- Fraudulent Services
- Potentially Unwanted Programs
- Exploits
- Spamming
Malicious software (or malware) has consistently been the weapon of choice for cyber-criminals over the past decade.
Reports of phishing activities have also steadily risen with a spike in 2009, coinciding with the increased adoption of smartphones.
In 2013, another spike was experienced, which can be linked to the growing popularity of digital payment systems. This attracted unwanted attention from cybercriminals.
Benefits of FinalBlacklist
Analysis of the retrospective dataset will allow researchers to identify how the sources, types and scale of different mal-activity have changed over time, and will prepare organisations against it.
The dataset has been made available to the wider research community so that it can be used to train algorithms to predict future instances of mal-activity before they happen.
A retrospective analysis of historical mal-activity trends could help reduce the impact of cybercrime on the economy.
Researchers and organisations are locked in a perpetual arms race to combat widespread malicious activity on the Internet.
Findings
The dataset shows that mal-activity has consistently increased in volume over the last decade. In fact, the annual cost of cybercrime damages is expected to hit AU$ 6 trillion by 2021, according to Cybersecurity Ventures.
The analysis revealed a consistent minority of repeat offenders that contributed a majority of the mal-activity reports.
Detecting and quickly reacting to the emergence of these mal-activity contributors could significantly reduce the damage inflicted.
Tips to avoid malicious online activity were provided. These are:
- Keep your operating system (OS) current: Keep it up to date. OS developers regularly issue security patches that fix and plug security leaks.
- Do not give in to ransom demands: There are no guarantees that files will be released when dealing with criminals.
- Think before you click: Do not click on a link in an unsolicited email or open email attachments from somebody that you do not know. Hover over the link to check its validity.
- Do not reuse passwords: Use unique passwords for all online accounts. Randomly mix up symbols and numbers with letters. The longer and more complex the password, the more effective it will be in preventing brute-force attacks.
- Install ad blockers: Ads can be used to serve up malware or malvertising, which is malicious advertising containing viruses, and these simple web extensions can prevent this.
- Install script blockers, particularly JavaScript-blockers: Privacy-preserving tools pre-emptively block malicious scripts and only allow JavaScript, Java and other content from trusted sites.