Network Intrusion and Attack in Ethiopia

Types of Network Attacks

According to different resources, most of these attacks likely deployed through application-layer network protocol that operates over TCP ports 139 and 445, which provides various services such as file and printer sharing and remote access services. The intrusions used arbitrary code execution and performed an unauthorized activity on information technology infrastructures in the region. The attacks exploited vulnerable or improperly configured applications, services, and operating systems.

The observed intrusions potentially broke into the systems and took control of the logical, and infrastructural resources of the networks in the region. Unless immediate and appropriate reactions are taken, the outcome of the attacks extends beyond the time frame of the incidents. Once the intrusion conducted effectively, the attackers grant themselves elevated/admin and backdoor access on the systems. Due to this reason, the threat potentially remains beyond the time frame of the attack.

Checking the security reports of the ISPs in the region proofs that how the network infrastructure extraordinarily vulnerable and needs immediate attention. Out of one hundred random email communication, more than 95/% of the mail shows a poor reputation or sign of vulnerabilities. Most of the communications on the network must be critically exposed to unauthorized third parties or parties that carried out network attacks successfully and use the system to circulate botnets or spam.

Based on the global threat analysis, what poor email reputation proves – the security of the email communications through the network was untrusted or displaying behavior that is exceptionally bad, malicious, or undesirable. In most cases, when the security level of the network is low, the confidentiality of the message gets questionable. Any communication carried out through the poisoned network most likely rejected by the intended receiver (user, system, and network). Additionally, there is a high probability of tampering the content of the message carried through the corrupted network.

The report aggregated the spectrum of risk related to the information technology infrastructure and users’ online activities in the region. Of course, due to time constraints, this report doesn’t show in-depth analysis to get a more extensive understanding of the threat levels. If further details needed, I recommend performing more comprehensive exploration. With the help of threat intelligence and monitoring users’ online activities, cyber-security professionally can distinguish further on what’s going on in the network. I encourage internet users in the region to find a way to establish trusted communication in an exceptionally volatile digital environment.