Calyptix Releases Threat Intelligence Report

The findings examine cybersecurity threats for small businesses in North America.

August 26, 2017

3 Min Read


Charlotte, NC – Calyptix Security today published a cyber security report that analyzes threat intelligence data collected exclusively from small business networks in North America. The report offers a look into a branch of cyber security often overlooked in other research.

The report, Threat Intelligence Report: 24 Hours of Inbound Attacks on Small Networks, reviews intrusion detection alerts captured from about 800 network security devices at small businesses across the U.S. and Canada.

“Small businesses in North America face cyber threats that are far different than those targeting huge enterprises or companies halfway around the world. We felt a dedicated report was needed to highlight the specific challenges they face, and Calyptix is the perfect position to provide this insight,” said Ben Yarbrough, CEO, Calyptix Security. 

The Threat Intelligence Report from Calyptix focuses on network security data from the smallest networks – those ranging from about 5 to 100 endpoints. Intrusion detection alerts were collected from security appliances at these networks for a single 24-hour period in Aug. 2017 for the report.

“Cyber security research tends to either ignore small businesses or roll them into a larger group, such as ‘networks with fewer than 500 endpoints.’ But is a network with 400 devices really a small business environment? We don’t think so, and that’s why we feel this report is critical,” said Yarbrough.

The report also focuses exclusively on sites in the U.S. and Canada, another distinction from other cyber security reports that often blend data collected from regions across the globe.

Insights from the report:

  • 40% of attacks were against data base systems, 96% of which were against Microsoft SQL Server (MSSQL) specifically.

  • 30% of all attacks originated from source IPs located in China. 94% of these targeted database services.

  • 16% of attacks originated from source IP addresses in the U.S. More than half (58%) of attacks on network management services originated from the U.S.

  • 16% of attacks originated from source IPs in Russia. 40% of these targeted remote management services.

“This report highlights a single fact beyond all others: small business networks are probed and attacked every day by threats from across the globe. The idea that small business owners can ignore security and safely ‘fly under the radar’ is an outright myth,” said Yarbrough.

Data in the Threat Intelligence Report is based on events generated by the intrusion detection and prevention system (IDS/IPS) inside AccessEnforcer UTM Firewall. The devices monitored were located at approximately 800 small business networks.

AccessEnforcer is a network security device created by Calyptix Security. Designed for small businesses, AccessEnforcer makes it easy to have powerful and reliable security with less time and effort.

The report’s data was collected by Event Vault from Calyptix. This forthcoming service automatically records and stores security events generated by AccessEnforcer.

Event Vault records events from more than 10 security systems inside AccessEnforcer. The Threat Intelligence Report focuses exclusively on events generated by the IDS/IPS service.

The sites monitored for the report were in the following industries: healthcare (22%); professional services (19%); construction (13%); non-professional services (6%); manufacturing (6%); retail (5%); financial (5%); other (24%).


Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights