Public dataset to help researchers predict malicious activity unveiled

08 Oct 2019

Australian researchers have created what they are calling ‘the largest public available dataset of malicious internet activity’ of its kind. They hope it will help cybersecurity specialists predict what security threats the future could bring.

CSIRO’s Data61, Macquarie University, University of Sydney, and Nokia Bell Labs developed the dataset, called FinalBlacklist, that spans 10 years from 2007-2017.

The dataset comprises 51.6 malicious activity reports involving 662,000 unique IP addresses across the globe. The reports include malware, phishing, fraudulent services, potentially unwanted programs, exploits and spam, all identified and categorised using machine learning technologies.

CSIRO’s Data61 information security and privacy research leader, professor Dali Kaafar, says malicious software has been cybercriminals’ weapon of choice over the past 10 years.

“Last year the WannaCry ransomware attack affected more than 300,000 computers across 150 countries causing billions of dollars in damage. Ransomware remains a persistent threat as evidenced by the recent attacks against hospitals across Victoria,” Kaafar explains.

“Reports of phishing activities have also steadily risen with a spike in 2009 coinciding with the increased adoption of smartphones. In 2013, another spike was experienced which can be linked to the growing popularity of digital payment systems which attracted unwanted attention from cybercriminals.”

Analysts and researchers will be able to train their algorithms to identify how the sources, types, and scale of malicious activity have changed over time, so that they could potentially predict future activity before it happens.

According to the data, the annual cost of cybercrime damages may hit $6 trillion by 2021.

CSIRO’s Data61 software and computational systems research director Dr Liming Zhu adds, “The insights that can be drawn from the FinalBlacklist dataset represent a significant contribution to cybersecurity research. A retrospective analysis of historical mal-activity trends could help reduce the impact of cybercrime on the economy.”

According to the researchers, other databases like this do exist, but they’re often kept under wraps due to privacy concerns and the desire to maintain competitive advantage. Conversely, FinalBlacklist is available publicly.

“Our analysis revealed a consistent minority of repeat offenders that contributed a majority of the mal-activity reports. Detecting and quickly reacting to the emergence of these mal-activity contributors could significantly reduce the damage inflicted,” Kaafar concludes.

The researchers offer these tips to avoid malicious online activity:

  • Keep your operating system current: Whether you’re running Windows, Mac OS, Linux, or any other OS, keep it up to date. OS developers regularly issue security patches that fix and plug security leaks.
  • Don’t give in to ransom demands: If your device is infected by ransomware and you are locked out from accessing your files, don't pay the ransom. There are no guarantees that your files will be released when you are dealing with criminals.
  • Think before you click: Do not click on a link in an unsolicited email or open email attachments from somebody that you do not know. Hover over the link to check its validity.
  • Do not reuse passwords: Use unique passwords for all online accounts. Randomly mix up symbols and numbers with letters. The longer and more complex your password, the more effective it will be in preventing brute-force attacks.
  • Install ad blockers: Ads can be used to serve up malware or malvertising (malicious advertising containing viruses) and these simple web extensions can prevent this.
  • Install JavaScript-blockers: Privacy-preserving tools like NoScript pre-emptively block malicious scripts and allow JavaScript, Java and other potentially dangerous content only from trusted sites.