
Q3 2017 Akamai State of the Internet / Security Report Reveals Significant Increase in Web Application Security Attacks, Evolution of Attacker Strategies Holiday shopping season may see new attack types leveraging IoT devices, mobile platforms
Cambridge, MA | November 28, 2017
Newly released data shows that web application attacks continued to rise significantly in both the quarter-over-quarter and year-over-year timeframes, according to the Third Quarter, 2017 State of the Internet / Security Report released by Akamai Technologies, Inc. (NASDAQ: AKAM). In addition, further evaluation of the Mirai botnet and WireX malware attacks suggests that attackers may leverage IoT and Android devices to build future botnet armies.
The report found that the number of web application attacks last quarter (Q3 2017) increased 69% in total from the same timeframe last year (Q3 2016). In the last quarter alone, web application attacks rose 30% as compared to the second quarter of 2017. Over the last year, a 217% increase in attacks sourcing from the U.S. was seen, with an increase of 48% in the last quarter as compared to the prior one.
SQL injection (SQLi) attacks continued to be heavily utilized by attackers as a part of the significant rise of web application attacks. This attack vector increased 62% since last year, and 19% since last quarter. The significant increase in web application attacks, particularly injection attacks like SQLi, should come as no surprise as the latest version of the OWASP Top 10 2017 that came out last week has injection (inclusive of SQLi) as the top ranked vulnerability category. This new iteration is the first major update to the OWASP Top 10 since 2013, when injection also resided in the top spot.
Perhaps more alarming was the result of taking a closer look at the Mirai botnet and encountering the introduction of WireX malware. While smaller than its predecessor, the Mirai malware strain, which uses Internet of Things (IoT) devices, was responsible for the largest attack seen in Q3 at 109 Gbps. The ongoing Mirai activity, coupled with the introduction of WireX, which commandeers Android devices, highlights the vast potential that exists for new sources of botnet armies.
The lure of easy access to poorly-secured end nodes and easily-available source code make it likely that Mirai-based attacks won't be fading in the near future, said Martin McKeay, senior security advocate and senior editor, State of the Internet / Security Report. Our experience suggests that an army of new potential attackers comes online every day. Couple with that, the ubiquity of Android software and the growth in the Internet of Things are amplifying the risk/reward challenges that enterprises face to tremendous levels.
By the Numbers: Other highlights from Akamai's Third Quarter, 2017 State of the Internet / Security Report include:
The use of Fast Flux DNS by botnets is examined, demonstrating why the use of rapidly changing DNS information helps attackers by making it harder to track and disrupt botnets and malware.
The number of DDoS attacks in Q3 increased by 8% quarter over quarter, highlighted by a 13% increase in the average number of attacks per target (36).
Germany, despite not being among the top five source countries for DDoS attack traffic in the previous quarter, had the largest number of attack traffic source IPs in Q3 - 58,746 - 22% of the global total.
Egypt, last quarter's leader for DDoS attack traffic (44,198) fell out of the top 5 in Q3.
Australia suffered the third most web application attacks (19,115,151) despite not even registering in the top 10 in Q2.
With the holiday shopping season upon us, Akamai expects that both the monetary and emotional aspects of attack dynamics will strongly influence behavior in the fourth quarter. Criminals are likely to leverage the fact that the final quarter of the year is critical for merchants, making the merchants much more likely to pay an extortion letter threatening an attack on Black Friday or Cyber Monday than at many other times of year.
As noted in the Attack Spotlight, the code base from Mirai is still being used and is evolving, added McKeay. In addition, criminals are getting better at hiding their command and control structures, using techniques like Fast Flux DNS. It would not be surprising if, during this holiday season, we see new attacks such as those based on IoT devices or mobile platforms.
Through the SOTI/Security Report, as well as more in-depth research reports, Akamai brings you cutting-edge insight into the ever-changing landscape of attacks and attack tools - delivering information to help you and your team protect your organization.
A complimentary copy of the Q3 2017 State of the Internet / Security Report is available for download at akamai.com/stateoftheinternet-security. Download individual figures, including associated captions here.
Methodology The Akamai Third Quarter, 2017 State of the Internet / Security Report combines attack data from across Akamai's global infrastructure and represents the research of a diverse set of teams throughout the company. The report provides analysis of the current cloud security and threat landscape, as well as insight into attack trends using data gathered from the Akamai Intelligent Platform. The contributors to the State of the Internet / Security Report include security professionals from across Akamai, including the Security Intelligence Response Team (SIRT), the Threat Research Unit, Information Security, and the Custom Analytics group.
About Akamai As the world's largest and most trusted cloud delivery platform, Akamai makes it easier for its customers to provide the best and most secure digital experiences on any device, anytime, anywhere. Akamai's massively distributed platform is unparalleled in scale wi
Most recent headlines
05/01/2027
Worlds first 802.15.4ab-UWB chip verified by Calterah and Rohde & Schwarz to be ...
07/10/2026
Dalet, a leading technology and service provider for media-rich organizations, today announced the latest Long-Term Supported (LTS) release of Dalet Flex. Build...
06/09/2026
June 9 2026, 23:00 (PDT) Dolby and MagentaTV Bring Fans Closer to the FIFA Worl...
04/08/2026
Dalet, a leading technology and service provider for media-rich organizations, t...
17/07/2026
In-venue and creative video staffers at the professional and collegiate level ha...
17/07/2026
Production workers at Brooklyn Bowl's Williamsburg location voted 15-1 to join IATSE Local 4. The bargaining unit covers 24 production workers at the venue,...
17/07/2026
DAZN and ADI Predictstreet have announced an exclusive global strategic partners...
17/07/2026
Zixi and Comcast Technology Solutions (CTS) have announced a strategic integrati...
17/07/2026
Professional Fighters League (PFL) has announced a multi-year partnership with E...
17/07/2026
Spectrum Business has announced Spectrum TV Control Pro, a centralized app-based...
17/07/2026
Clark Wire and Cable has announced that Rick Fernandez, Managing Director of Axxion Consulting, will serve as Independent Manufacturers Representative for Centr...
17/07/2026
TikTok, the NBA, and the WNBA have announced a multi-year global content partnership covering highlights distribution, creator access to marquee events, live-ga...
17/07/2026
Company alleges article contained false and misleading claims regarding customer data...
17/07/2026
Ratings Roundup is a rundown of recent rating news and is derived from press rel...
17/07/2026
(L-R) Edward James Olmos, Luis Valdez, Lou Diamond Phillips and Lupe Valdez attend American Pachuco: The Legend Of Luis Valdez Premiere during the 2026 Sundan...
17/07/2026
Full engine access with reduced soundset
Sonuscore have steadily been introducing a selection of reduced-cost and free versions of their flagship products r...
17/07/2026
Two new special-edition models revealed
Over the past week, Arturia have launched special-edition versions of both their premium MIDI controller and stage p...
17/07/2026
Original founder now back at the helm
In a message posted on his personal social media accounts, Dirk Ulrich has announced that both Plugin Alliance and Bra...
17/07/2026
Legendary presenter Anton Enus to sign off from SBS World News after 27 years wi...
17/07/2026
Millions rise before dawn to watch FIFA World Cup 2026 semi-finals on SBS
17 July, 2026
Media releases
England v Argentina attracted a Total TV reach of a...
17/07/2026
Share
Copy link
Facebook
X
Linkedin
Bluesky
Email...
17/07/2026
Foundry Releases SmartRoto for Nuke
Brie Clayton July 17, 2026
0 Comments
Spline-based AI powered plugin accelerates time-consuming rotoscoping, helping...
17/07/2026
A Short Documentary About a Giant Pencil Edited with DaVinci Resolve Studio
Brie Clayton July 17, 2026
0 Comments
SBIFF jury award winner finished fro...
17/07/2026
Share
Copy link
Facebook
X
Linkedin
Bluesky
Email...
17/07/2026
Share
Copy link
Facebook
X
Linkedin
Bluesky
Email...
17/07/2026
Lightware has published its second voluntary Sustainability Report, showing how energy efficiency, product longevity and responsible material use are increasing...
17/07/2026
Creative software developer Foundry today announced Griptape Enterprise, a new tier of the Griptape AI workflow orchestration platform, extended to meet the str...
17/07/2026
Creative software developer Foundry today announced the availability of SmartRoto, a new AI-powered plugin upgrade for Nuke, NukeX, Nuke Studio, and Nuke Indie ...
17/07/2026
The Final Release of Blackmagic Fairlight Live is Now Available!
Brie Clayton July 16, 2026
0 Comments
Fairlight Live is a new audio mixer designed fo...
17/07/2026
Leveraging All of Entertainment's IP
Andy Marken July 16, 2026
0 Comments
Nobody ever wins the games. Period. There are survivors. There\s no win...
17/07/2026
From intimate acoustic settings to large-scale festival stages, her focus has remained constant: preserving the true natural voice of the violin in every perfor...
17/07/2026
New and returning series, live festival broadcasts, powerful documentaries and major sporting moments headline RT Radio 1's summer schedule
RT Radio 1 is...
17/07/2026
Think of a professional athlete. What separates elite performers is what happens...
17/07/2026
Up For The Match - Live From Croke Park this Saturday at 8pm on RT One and RT ...
17/07/2026
RT Commercial has today announced DiscoverIreland.ie, as sponsor of The Traitor...
16/07/2026
Media organisations with tested plans for new products, services or revenue models can now apply for grants of up to 30,000 through the Business Innovation Syn...
16/07/2026
This recent graduate and Georgia native has turned an early fascination with live production into a growing passion for camera work
In the live-sports-video in...
16/07/2026
TNDV is marking the first anniversary of Aspiration 35, a mobile production truck built around ARRI Alexa 35 Live camera systems. Over its first year, the truck...
16/07/2026
ATSC has completed a major revision to its A/85 Recommended Practice: Techniques...
16/07/2026
FloSports has announced an exclusive global media partnership with CrossFit for the 2026 CrossFit Games, presented by Air National Guard, beginning July 21 in S...
16/07/2026
Sennheiser has released firmware version 1.4 for its Spectera wireless system and announced the Spectera Command Button (Cat. No. 701014). The update adds comma...
16/07/2026
ESPN and the Southwestern Athletic Conference (SWAC) have announced a multi-year...
16/07/2026
Audio-Technica has announced the 20 Series Control Application, a Stream Deck plug-in for compatible Audio-Technica USB microphones. The application is compatib...
16/07/2026
The fifteenth season of The Voice - La plus belle voix on TF1 used four Solid St...
16/07/2026
Gray Media and the Atlanta Hawks have announced a broadcast partnership that wil...
16/07/2026
Season 3 of Netflix's docuseries, which dropped this week, follows Jayden Da...
16/07/2026
The Texas Rangers and Rangers Sports Network presented by Progressive (RSN) have announced BZZR as the new direct-to-consumer distributor for Rangers game broad...
16/07/2026
With England's FIFA World Cup 2026 team getting ready to fly home after losi...
16/07/2026
In a return to Royal Birkdale, the team enjoys partnering with ETP and Gravity M...
16/07/2026
Along with a new studio at Ball Arena, the Colorado-based RSN is working with XR...