Q3 2017 Akamai State of the Internet / Security Report Reveals Significant Increase in Web Application Security Attacks, Evolution of Attacker Strategies
01/12/2017
Cambridge, MA | November 28, 2017
Newly released data shows that web application attacks continued to rise significantly in both the quarter-over-quarter and year-over-year timeframes, according to the Third Quarter, 2017 State of the Internet / Security Report released by Akamai Technologies, Inc. (NASDAQ: AKAM). In addition, further evaluation of the Mirai botnet and WireX malware attacks suggests that attackers may leverage IoT and Android devices to build future botnet armies.
The report found that the number of web application attacks last quarter (Q3 2017) increased 69% in total from the same timeframe last year (Q3 2016). In the last quarter alone, web application attacks rose 30% as compared to the second quarter of 2017. Over the last year, attacks originating from the U.S. increased 217%, with an increase of 48% in the last quarter as compared to the prior one.
SQL injection (SQLi) attacks continued to be heavily utilized by attackers as a part of the significant rise of web application attacks. This attack vector increased 62% since last year, and 19% since last quarter. The significant increase in web application attacks, particularly injection attacks like SQLi, should come as no surprise as the latest version of the OWASP Top 10 2017 that came out last week has injection (inclusive of SQLi) as the top ranked vulnerability category. This new iteration is the first major update to the OWASP Top 10 since 2013, when injection also resided in the top spot.
Perhaps more alarming was the result of taking a closer look at the Mirai botnet and encountering the introduction of WireX malware. While smaller than its predecessor, the Mirai malware strain, which uses Internet of Things (IoT) devices, was responsible for the largest attack seen in Q3 at 109 Gbps. The ongoing Mirai activity, coupled with the introduction of WireX, which commandeers Android devices, highlights the vast potential that exists for new sources of botnet armies.
"The lure of easy access to poorly-secured end nodes and easily-available source code makes it likely that Mirai-based attacks won't be fading in the near future," said Martin McKeay, senior security advocate and senior editor, State of the Internet / Security Report. "Our experience suggests that an army of new potential attackers comes online every day. Coupled with that, the ubiquity of Android software and the growth in the Internet of Things are amplifying the risk/reward challenges that enterprises face to tremendous levels."
By the Numbers:
Other highlights from Akamai's Third Quarter, 2017 State of the Internet / Security Report include:
The use of Fast Flux DNS by botnets is examined, demonstrating why the use of rapidly changing DNS information helps attackers by making it harder to track and disrupt botnets and malware.
The number of DDoS attacks in Q3 increased by 8% quarter over quarter, highlighted by a 13% increase in the average number of attacks per target (36).
Germany, despite not being among the top five source countries for DDoS attack traffic in the previous quarter, had the largest number of attack traffic source IPs in Q3 - 58,746 - 22% of the global total.
Egypt, last quarter's leader for DDoS attack traffic (44,198), fell out of the top 5 in Q3.
Australia suffered the third most web application attacks (19,115,151) despite not even registering in the top 10 in Q2.
With the holiday shopping season upon us, Akamai expects that both the monetary and emotional aspects of attack dynamics will strongly influence behavior in the fourth quarter. Criminals are likely to leverage the fact that the final quarter of the year is critical for merchants, making the merchants much more likely to pay an extortion letter threatening an attack on Black Friday or Cyber Monday than at many other times of year.
"As noted in the Attack Spotlight, the code base from Mirai is still being used and is evolving," added McKeay. "In addition, criminals are getting better at hiding their command and control structures, using techniques like Fast Flux DNS. It would not be surprising if, during this holiday season, we see new attacks such as those based on IoT devices or mobile platforms."
Through the SOTI/Security Report, as well as more in-depth research reports, Akamai brings you cutting-edge insight into the ever-changing landscape of attacks and attack tools - delivering information to help you and your team protect your organization.
A complimentary copy of the Q3 2017 State of the Internet / Security Report is available for download at akamai.com/stateoftheinternet-security. Download individual figures, including associated captions here.
Methodology
The Akamai Third Quarter, 2017 State of the Internet / Security Report combines attack data from across Akamai's global infrastructure and represents the research of a diverse set of teams throughout the company. The report provides analysis of the current cloud security and threat landscape, as well as insight into attack trends using data gathered from the Akamai Intelligent Platform. The contributors to the State of the Internet / Security Report include security professionals from across Akamai, including the Security Intelligence Response Team (SIRT), the Threat Research Unit, Information Security, and the Custom Analytics group.
About Akamai
As the world's largest and most trusted cloud delivery platform, Akamai makes it easier for its customers to provide the best and most secure digital experiences on any device, anytime, anywhere. Akamai's massively distributed platform is unparalleled in scale wi
LINK: | https://www.akamai.com/uk/en/about/news/press/2017-press/akamai-releas... |