At Level 3, we take the security of our network very seriously. And given our scale that makes for an interesting challenge, to say the least!
Level 3 monitors its global backbone and services to identify threats, attacks and malicious traffic.
The following is illustrative of a per-country breakdown for certain Command and Control (C2) nodes during a 24 hour period. C2s are what control other “bots”, such as a participant in the event of a denial of service (DoS) attack, or as a place to host and serve malware.
We like to think of these as the bad guys:
Interestingly, the majority of activity is not only in the U.S., but distributed across most of the top Internet-connected countries. And the associated bots, or victims, that are under control of those C2 nodes, are based on their originating country. The numbers represent the amount of unique sessions that we observed in the previous 24 hour period on our network. In other words, the number unique IP addresses that were speaking with one or more IP addresses in the represented countries.
We like to think of these as the unwitting victims. As discussed above, this represents the unique number of sessions in the previous 24-hour period, but this is the other end of the spectrum – those that have been infected:
In each case, our aim is to stop attacks before they start. So how do we do that? Level 3 employs a variety of controls and countermeasures on our network, both proactive and reactive.
On the proactive side, we update certain control elements on a regular basis based on the efforts illustrated above. These control elements serve to protect not only the network itself, but many of our customers as well. We are also continually engage with industry stakeholders to ensure a better performing and safer network for everyone.
While there is certainly more Good than there is Bad and Ugly when it comes to the Internet, like any productive community, it requires a Sheriff to create a safe place for all involved. It’s a big job – especially with the increasing sophistication of cyberattacks – but we are up to the challenge. 24/7/365.
Looking for ways to upgrade your network security?
Check out our security solution guide.