Why Malicious IP Addresses Still Pose a Threat?

According to the cyber-security experts at Webroot, 2019 saw massive amounts of malicious IP reuse in the IPv4 space, being that it is entirely allocated and assigned – but the bigger picture here is that new, never-before-seen addresses are being used by cyber-criminals to launch their attacks, and this is something we need to make our readership and customer base aware of.

To begin with, some of the statistics Webroot shared in its 2020 Threat Report with regard to malicious IP addresses are alarming: The company sees over 26 million IP-related security incidents each day, its engineers tracking IP addresses by way of the malicious activities they carry out (scanners or proxies, spam, Windows exploits, web attacks, botnets, phishing and mobile threats) so that they can be blocked proactively. Overall, some 88-percent of total malicious IP addresses in 2019 were deemed “malicious” due to repetitive spam triggers, but, it’s the total number that was truly eye-opening, according to Webroot representatives – in one day, the company reported as many as 4.6 million spam IPs.

DMS iTech Fun Fact: For the purposes of its 2020 Threat Report, Webroot does not share the millions of such threats it tracks, but rather shows what it witnessed from the most recurring top 50,000 malicious IPs (i.e. those with the highest number of observed malicious transactions).

Breaking it Down Geographically

It’s something of common knowledge that malicious IPs are a global hazard, but some of the numbers Webroot included in its 2020 Threat Report really put a white-hot spotlight on the situation: The top 50,000 malicious IPs, according to the company, span 184 countries and – measuring by convictions – some 80.6-percent come from 23 countries (with more than half originating from just six nations).

The top six countries representing 50-percent of malicious IPs include:

  1. USA
  2. China
  3. Vietnam
  4. Russia
  5. India
  6. Indonesia

Rounding out the top 10 are:

  1. Netherlands
  2. Taiwan
  3. Ukraine
  4. Germany

IP Numbers Under the Microscope

Believe it or not, it’s good old-fashioned spam that continues to take the top spot on the list of malicious IPs, according to Webroot, with botnets rising from just three-percent last year to eight-percent this year, and scanners still representing a significant percentage of the total seen in the top 50,000 (16-percent); this is down somewhat from last year’s 19-percent.

What Webroot really wanted to drive home with these results, though, was that malicious IPs are responsible for more than just one type of “bad behavior” – indeed, all of the top 50,000 malicious IP addresses have been convicted in four or more categories (and, by “convicted,” Webroot refers to the number of times malicious behavior resulted in the IP being categorized as malicious or risky, not benign). Further, they appear multiple times, what with 96-percent of bad IP addresses exhibiting malicious activities more than once.

DMS iTech: Fighting the Malicious IP Fight

With the right certified professionals boasting the necessary experience, DMS iTech is your one-stop-shop when it comes to protecting your systems. Contact one of our representatives today to learn how we’re fighting the good fight against malicious IP addresses.