JSOC INSIGHT vol.17 English Edition

"JSOC INSIGHT" is an analysis report on the trend of security incidents, such as unauthorized access and malware infection, in Japan, based on daily analysis results by our JSOC security analysts. Since this report analyzes the trends in attacks, based on the data of incidents which JSOC customers actually encountered, the report will help in understanding world trends as well as actual threats that Japanese users are facing.

JSOC INSIGHT vol.17 contains below topics.

• WannaCry infection incidents
• Trend of traffic detected as related to DDoS attacks

Contents

1. Preface
2. Executive Summary
3. Trends in Severe Incidents at the JSOC
    3.1 Trends in severe incidents
    3.2 Types of traffic to pay attention to
4. Topics of This Volume
    4.1 WannaCry infection incidents
     4.1.1 Known WannaCry behavior
     4.1.2 WannaCry-infected traffic detected
     4.1.3 Countermeasures against WannaCry
    4.2 Trend of traffic detected as related to DDoS attacks
     4.2.1 Overview of DDoS attacks that used a UDP-based service as a stepping stone
     4.2.2 Incidents detected as being related to amp attacks
     4.2.3 Trend of attacks detected as related to Mirai infection
     4.2.4 Countermeasures

Appendix 1 Various Verification Codes Released by The Shadow Brokers
Conclusion