[Advertorial] Cyber ​​attacks pose a real threat to businesses of all sizes. This shouldn’t be news anymore.

By raising awareness, implementing access controls, updating software, securing the network, encrypting data and creating an incident response plan, organizations can effectively defend against external and internal threats. This is an ongoing effort to protect company data and reputation, and an investment that will prove invaluable in the long run.

In this article, we want to show concretely, using real and local Belgian figures, that the potential danger in our companies is not a myth. At AXS Guard, they put a lot of emphasis on preventing problems so that they don’t have to be solved after the fact. These numbers provide an indication that the danger is real and where it is coming from. The data comes from more than 1,500 Belgian AXS Guard customers.

External threat

A good cybersecurity approach is a combination of different mechanisms that need to work together at multiple levels. Based on technical measures that every company must implement, we distinguish between external and internal threats. Let’s start by identifying some external threats.

Hackers constantly scan the Internet for vulnerabilities based on their countless systems that have already been hacked. This is done fully automatically and only when a vulnerability has been found is an attempt made to exploit this point in a more manual way.

The firewall, which includes AXS Guard, has several tools on board that block these types of scans or attacks.

• Based on lists and data that are automatically and continuously updated, we have analyzed that we block an average of 13,000 connections per day, the average per week (per system) is almost 100,000 and when considering all systems, we block more than 10 million connections per day. Each of these attempts poses a potential threat to the company.

• We also use intrusion detection & prevention tools. These are security technologies used to monitor and protect networks from unauthorized access, malicious activity and potential threats. They play an essential role in maintaining the security and integrity of digital assets by detecting and responding to suspicious or malicious behavior in real time. Over 1000 and active rules, we block more than 2,600 dangerous hacks per day, in other words, we thwart almost 2 advanced intrusion attempts per system per day thanks to IPS security.

• GeoIP filtering: By excluding certain countries or regions from communicating with the company protected by AXS Guard, we further reduce the risks. An analysis of the countries/regions selected by our customers and partners resulted in the following top 10 overview. It’s no surprise that Russia and China are (currently) way ahead here:

  1) Russian Federation
  2) China
  3) Korea
  4) Iran
  5) Afghanistan
  6) Iraq
  7) Kyrgyzstan
  8) Armenia
  9) Azerbaijan
  10) Pakistan

  While hacking attempts are usually correctly attributed to countries on this list, a thorough log analysis reveals that a significant proportion of these attempts also originate from neighboring countries. A ranking of countries with the highest incidence includes:

  1) United States
  2) Germany
  3) Netherlands
  4) China
  5) Russia
  6) United Kingdom
  7) Romania
  8) Hong Kong
  9) Bulgaria
  10) India

  GeoIP filtering is definitely a useful and necessary tool, but the danger is not necessarily remote and vigilance is required.

• E-mail: It goes without saying that e-mails represent a major source of danger. Even if you use Microsoft 365 or other email applications. To be on the safe side, scan your email traffic with AXS Guard’s email content scanners. We catch daily still roomy 8,400 single and dangerous email messages on our networks.

Internal threat

We always advise our customers to take a number of technical measures at internal level, in addition to awareness raising and social control. Again, for the sake of prevention, it stops the threat before it can strike.

• Block unwanted (web) applications: Some applications may be known for their vulnerabilities or security risks. By proactively blocking these applications, you limit the potential attack surface and reduce the risk of breaches, malware infections, and data leakage.
  Sometimes it is also decided to block them for productivity reasons. Blocking social media or online games can improve your team’s focus and efficiency. Finally, there is also an efficiency gain, since blocked applications do not consume any bandwidth.

  AXS Guards block more than 390,000 applications daily. Our customers block the following applications the most, in order.

  Social media:
  Facebook
  Tick ​​tock
  Skype
  Twitter/X
  Whatsapp
  chatter
  viber
  iMessages

  Data exchange:
  Bittorrent
  iCloud
  Dropbox

  media
  Spotify
  iTunes
  Netflix

  logs
  Email (SMTP/IMAP)
  Web (HTTP, HTTPS)
  VPN (OpenVPN)
  DNS

• DNS Security: DNS security is an additional layer of protection on top of the existing solutions that AXS Guard has on board. This is to protect our customers from cyber threats such as malware, ransomware and phishing. Research shows that up to 91% of all malware uses insecure DNS connections. By first checking these DNS requests and blocking them if necessary, you immediately eliminate most of the risks.

  Thanks to DNS security solutions, we stop potential threats before they even reach your network. Since every internal DNS request, whether legitimate or illegal (malware, spyware, ransomware), has to pass through AXS Guard, we can intercept it. Not only do we block all unwanted requests, we can even trace them down to the user level. This way we know exactly where the potential danger is coming from and can take further measures against it.

  In the last 30 days we had over 4,200,000 hits through DNS security. Each of these requests were blocked by AXS Guard. We classify the results into the following categories:

  • malware, spam, Fraud And phishing: SecureDNS can analyze DNS queries and identify malicious domains associated with phishing attempts, malware distribution and other malicious activities. It can prevent users from accessing these malicious resources by blocking DNS resolution. Total: Malware: 2,000,000 Hits, Spam: 694,000, Phishing: 374,000, Fraud: 224,000
  • DNS filter: Block unwanted content: A DNS filter can be configured to block access to specific websites or groups of websites (18+, social media, gaming and more).
    A total of 673,000 hits in 30 days
  • botnets (194,000 hits) and Advanced Persistent Threats (120 hits) are very serious alerts as there is active communication with the hackers’ back office.
  • certificates (50,000 hits): These are specific domains that the Federal Cyber ​​​​​​Emergency Response Team, or CERT for short, has reported as malicious and should therefore be blocked.
  • New domains (7000 hits): are new domain names that are blocked for 24 hours as they are often only created for the purpose of setting up new abuses.

Diploma

From small start-ups to medium and large companies, it is crucial to be prepared for both external and internal cyber threats.

The numbers above are facts. Measured against Belgian companies that are already protected. We’ve measured what we’re holding back and that gives us a really good idea of ​​what these companies are experiencing on a daily basis. You can imagine what will happen if you don’t. Can your company take this risk?

Cybersecurity is just too complex for most organizations. “Even for companies that have their own internal IT team, as they are often already overworked and do not always have the right specialization,” says Alex Ongena, Manager of AXS Guard. “Choosing the right security partner to help them do this is possibly the most important decision a company needs to make,” he adds.

Many existing managed security solutions have historically been geared towards large enterprises and are therefore completely unaffordable for SMBs.

With an offer specifically designed for SMEs and our Observe & Protect Managed Security Service, we offer a solution at enterprise level, but adapted to the budget of an SME.

In addition, a traditional SOC is often just a reporting service that sounds the alarm, but does not necessarily actively nip the danger in the bud. “Choose a security partner that sees the big picture and intervenes immediately when necessary,” concludes Ongena.

This is a commercial submission by AXS Guard. The publishers are not responsible for the content. More information about Click here to learn more about the company’s security solutions.