1. Home
  2. Blog
  3. Real-Time Deutsche Telekom Cyber Attacks Map Highlights the Fact That Growing Numbers of Firewalls are not Working Properly

Last updated February 15th, 2023 by Reuven Harrison

Deutsche Telekom’s new and interactive real-time map of global cyber attacks is significant because the bulk of attacks (27.3m last month) identified by the Sicherheitstacho service were against the Server Message Block (SMB) – aka the Common Internet File System (CIFS). This attack vector operates across an application-layer network protocol that is mainly used for providing shared access to files, printers, serial ports, and miscellaneous communications between nodes on a network.

With over 226 million SMB attacks tracked last month – compared to 800,000-plus against the NetBIOS services, 680,000-plus on port 33434 and 600,000-plus against SSH – this highlights the fact that businesses – and high-end consumers – are losing control over their network resources – including their firewalls.

The results of this real-time and rolling analysis from Deutsche Telekom – which takes in data from almost 100 honeypot-style sensors around the world – confirms the findings of our annual Firewall Management Survey, details of which were released late last month, and which found that half of businesses audit their firewalls just once a year and, and 15% never audit their firewalls at all.

The problem with controlling the firewall in many organizations – and why SMB/CIFS attacks make it through – is that modern firewalls need to be regularly updated to cope with configuration changes, with 70% of the 200 respondents to Tufin’s annual survey reporting application service disruptions up to 20 times a year due to configuration changes.

We found that 93.6% of all firewall change requests are application-related, this confirms our observation that the function of firewalls has evolved to include secure application connectivity – in addition to their traditional role of perimeter security. The problem highlighted by Deutsche Telekom’s new cyber attack service – is that cybercriminals are clearly exploiting the loopholes that arise as a result of these changes.

You can see Deutsche Telecom’s interactive map here

Read the Annual Firewall Management Survey

Don't miss out on more Tufin blogs

Subscribe to our weekly blog digest

In this post:

Background Image