Hackers turn back the clock with Telnet attacks

The 40-year old protocol is increasingly being used by hackers, according to Akamai

A new report from Akamai Technologies shows that hackers appear to be increasingly using the Telnet remote access protocol to attack corporate servers over mobile networks.

Akamai, which specializes in managing content and Web traffic, issues quarterly reports on Internet traffic trends. The latest report, which covers the third quarter of 2010, shows that 10 percent of attacks that came from mobile networks are directed at Port 23, which Telnet uses. That marks a somewhat unusual spike for the aging protocol.

Telnet is a remote access tool used to log into remote servers, but it has been gradually replaced by SSH, also known as Secure Shell. Administrators are generally advised to disable Telnet if the protocol is not used to prevent attacks targeting it, but some forget.

Although those attacks originated from mobile networks, Akamai said it did not appear that mobile devices were the source.

"As noted previously, we believe that the observed attack traffic that is originating from known mobile networks is likely being generated by infected PC-type clients connecting to wireless networks through mobile broadband technologies and not by infected smartphones or similar mobile devices," according to the report.

Including all types of attack traffic sources, about 17 percent of attacks were directed at Telnet. Port 23 was "overwhelmingly the top targeted port for attacks" in Egypt, Peru and Turkey, Akamai said.

"It is not clear if there is a common thread that connects these three countries, nor whether these observed attacks were brute-force login attempts or some other botnet-related traffic," the report said.

Akamai found that Port 445, which is a commonly used port for Microsoft products, was the most targeted one, although the attacks declined. The attacks peaked more than a year ago due to Conficker, a worm that rapidly spread and targeted the port.

"While the percentages are still fairly significant, this decline may signal ongoing efforts by network service providers to identify and isolate infected systems, as well as ongoing efforts to patch and/or upgrade infected systems," the report said.

Port 445 attacks were responsible for much of the attack traffic in Brazil, Germany, Italy, Russia, Taiwan and the US. In China, however, attacks against SSH, which runs on Port 22, were more common than those against Port 445, Akamai said.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags securityfraudmalwaredata protectiondata breachintrusionExploits / vulnerabilitiesAkamai Technologies

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Jeremy Kirk

IDG News Service
Show Comments

Brand Post

PC World Evaluation Team Review - MSI GT75 TITAN

"I need power and lots of it. As a Front End Web developer anything less just won’t cut it which is why the MSI GT75 is an outstanding laptop for me. It’s a sleek and futuristic looking, high quality, beast that has a touch of sci-fi flare about it."

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Luke Hill

MSI GT75 TITAN

I need power and lots of it. As a Front End Web developer anything less just won’t cut it which is why the MSI GT75 is an outstanding laptop for me. It’s a sleek and futuristic looking, high quality, beast that has a touch of sci-fi flare about it.

Emily Tyson

MSI GE63 Raider

If you’re looking to invest in your next work horse laptop for work or home use, you can’t go wrong with the MSI GE63.

Laura Johnston

MSI GS65 Stealth Thin

If you can afford the price tag, it is well worth the money. It out performs any other laptop I have tried for gaming, and the transportable design and incredible display also make it ideal for work.

Andrew Teoh

Brother MFC-L9570CDW Multifunction Printer

Touch screen visibility and operation was great and easy to navigate. Each menu and sub-menu was in an understandable order and category

Louise Coady

Brother MFC-L9570CDW Multifunction Printer

The printer was convenient, produced clear and vibrant images and was very easy to use

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?