Web application attack activity While the number of web application attacks increased by 28% over the last quarter, the percentage of web application attacks sent over HTTP vs. HTTPS has remained relatively consistent for two quarters - 89% via HTTP in Q4 vs. 88% via HTTP in Q3.
The most frequently observed attack vectors for the quarter were LFI (41%), SQLi (28%) and PHPi (22%), followed by XSS (5%) and Shellshock (2%). RFI, MFU, CMDi, and JAVAi attacks comprised the remaining 2%. The relative distribution of the attack vectors over HTTP vs. HTTPS was similar, with the exception of PHPi; PHPi was seen in just 1% of the attacks over HTTPS.
Fifty-nine percent of the Q4 web application attacks targeted retailers, vs. 55% in Q3. The media & entertainment and hotel & travel industries were the next most frequently targeted, with 10% of the attacks each. This represents a change from Q3, when the financial services industry was the second most-targeted industry (15% of attacks), compared with just 7% of the attacks this quarter.
Continuing a trend from last quarter, the US was both the main source of web application attacks (56%) as well as the most frequent target (77%). Brazil was the next biggest attack source (6%) as well as the second most targeted country (7%), which seems to be related to the fact that a large cloud Infrastructure-as-a-Service (IaaS) provider opened new data centers there. Since the opening of the data centers, Akamai has seen a large increase in the amount of malicious traffic coming out of Brazil, and specifically from the aforementioned data centers. Most of those attacks were against a Brazilian customer in the retail industry.
For the Q4 report, we identified the top 10 sources of web application attack traffic by ASN, and analyzed the corresponding attack types, payloads and frequency. A description of 10 of the more interesting attacks - and their payloads, is included in Section 3.6.
Web application attack metrics
Compared with Q3 2015
28.10% increase in total web application attacks
28.65% increase in web application attacks over HTTP
24.05% increase in web application attacks over HTTPS
12.19% increase in SQLi attacks
Scanning and probing activity Malicious actors rely on scanners and probing to perform reconnaissance on their targets before launching attacks. Using firewall data from the perimeter of the Akamai Intelligent Platform, our analysis showed the most popular ports for reconnaissance were Telnet (24%), NetBIOS (5%), MS-DS (7%), SSH (6%), and SIP (4%). The top three sources of scanning activity were all located in Asia, as determined by ASN. We also saw active scanning for reflectors to abuse, including NTP, SNMP, and SSDP.
By looking at the top reflection sources by ASN, we saw that the most heavily-abused network reflectors were in China and other Asian countries. While most SSDP attacks tend to be from home connections, NTP, CHARGEN, and QOTD are generally from cloud hosting providers where those services run. SSDP and NTP reflectors were the most often abused reflectors at 41% each, followed by CHARGEN (6%) and RPC (5%). SENTINEL and QOTD followed at 4% each.
Download the report A complimentary copy of the Q4 2015 State of the Internet - Security Report is available for download at www.stateoftheinternet.com/security-report.
About stateoftheinternet.com Akamai's stateoftheinternet.com shares content and information intended to provide an informed view into online connectivity and cybersecurity trends as well as related metrics, including Internet connection speeds, broadband adoption, mobile usage, outages, and cyber-attacks and threats. Visitors to stateoftheinternet.com can find current and archived versions of Akamai's State of the Internet (Connectivity and Security) reports, the company's data visualizations and other resources designed to help put context around the ever changing Internet landscape.
About Akamai As the global leader in Content Delivery Network (CDN) services, Akamai makes the Internet fast, reliable and secure for its customers. The companys advanced web performance, mobile performance, cloud security and media delivery solutions are revolutionizing how businesses optimize consumer, enterprise and entertainment experiences for any device, anywhere. To learn how Akamai solutions and its team of Internet experts are helping businesses move faster forward, please visit www.akamai.com or blogs.akamai.com, and follow @Akamai on Twitter.
Most recent headlines
09/11/2025
Dalet today announced a transformative leap forward for media operations: Agentic Artificial Intelligence (AI) that unifies the Dalet ecosystem under one natura...
23/10/2025
A deadline is looming for a new carriage deal between Verizon's Fios TV and Nexstar, with both Verizon and the pay TV-backed American Television Alliance bl...
23/10/2025
NEW YORK During a high-profile session at NAB Show New York, new survey data was shared that revealed significant public concern over artificial intelligence (A...
23/10/2025
BELLEVUE, Wash. and NEW YORK Fox Weather has tapped T-Mobile has as its preferred communications provider and announced that all Fox Weather reporters are being...
23/10/2025
PBS and Amazon Web Services have announced the network is using generative AI to provide enhanced search results to viewers on the PBS App and PBS LearningMedia...
22/10/2025
Prime Video Inks Deal To Present NFL Black Friday Game Worldwide By SVG Staff
Wednesday, October 22, 2025 - 10:06 am
Print This Story | Subscribe
Story ...
22/10/2025
NBA Tip-Off: ESPN Goes 1080p HDR End-to-End, Flipping HDR Switch on REMI and REM...
22/10/2025
FloSports Empowers Division II, III Athletic Departments With Turnkey Production...
22/10/2025
Wall Street Video Summit Debuts, Bringing Together 200 Financial Enterprise Vide...
22/10/2025
Dueling Pianos: International Chopin Piano Competition Is as Competitive as a Ba...
22/10/2025
In 1995, a young Colombian artist released an album that would change Latin pop ...
22/10/2025
Over the past few months, a photovoltaic system has been installed on a three-he...
22/10/2025
The Orion spacecraft for NASA's Artemis II mission is stacked on the Space Launch System (SLS) rocket in High Bay 3 of the Vehicle Assembly Building at Kenn...
22/10/2025
L3Harris' Hybrid SATCOM is resilient by design, offering path diversity that eliminates vulnerabilities by routing data across the best available networks i...
22/10/2025
WASHINGTON, D.C. Organizers of NAB Show New York said they are expecting more than 12,000 registered attendees from about 100 countries along with 260 exhibitor...
22/10/2025
WASHINGTON, D.C The organizers of The 2025 NAB Show New York have announced that they are expecting more than 12,000 registered attendees from about 100 countr...
22/10/2025
Masque Sound, a leading theatrical sound reinforcement, installation and design company, supplied an extensive gear package of professional-grade equipment for ...
22/10/2025
Lightware, a global leader in signal management and AV connectivity solutions, is seeing strong market momentum for the UCX-3x3-TPX-RX20, a compact transmitter-...
22/10/2025
MELVILLE, N.Y. Chyron has released PAINT 10.2, the latest update for its telestration platform, adding support for SMPTE ST 2110 IP workflows, expanding brandin...
22/10/2025
WASHINGTON Run3TV today said NBCUniversal is joining as an investor in the ATSC 3.0 Framework Authority, which develops the Run3TV NextGen TV application platfo...
22/10/2025
ATLANTA swXtch.io will feature two new networking solutions extending the company's reach across more cloud and on-prem workflows at NAB Show New York, set ...
22/10/2025
The Warner Bros. Discoverys HBO Max streaming services has increased prices for all its streaming tiers effectively immediately for new customers. Existing cust...
22/10/2025
LOS ANGELES OpenDrives has signed a new distribution partnership deal with Versatile Distribution Services (VDS) to strengthen its channel and streamline how it...
22/10/2025
WASHINGTON, D.C The organizers of The 2025 NAB Show New York have announced that they are expecting more than 12,000 registered attendees from about 100 countr...
22/10/2025
Samora Pinderhughes Brings Immersive Sound to Berklee's Signature Series The artist and composer, who's worked with Herbie Hancock, Robert Glasper, Co...
22/10/2025
BMI Day at Berklee Celebrates Composer Fil Eisler and Awards Scholarship to Stud...
22/10/2025
October 22nd, 2025 TRIBECA ANNOUNCES STAR-STUDDED LINEUP OF MEMBERSHIP EVENTS F...
22/10/2025
Rohde & Schwarz and TRUMPF cooperate in drone defense Rohde & Schwarz and TRUMPF partner to deliver a comprehensive drone defense solution combining Rohde & S...
22/10/2025
European Broadcaster Upgrades To Grass Valley's NativeIP LDX 135 Cameras And...
22/10/2025
Everyone Gets a Better Deal on Verizon with New FOX One Perk The $15 FOX One streaming service perk is yet another way Verizon continues to add savings for cu...
22/10/2025
First Look Hidden Assets Series 3
Premieres on 9th November 9:30pm on RT One & RT Player
WATCH HERE Promo Link: Hidden Assets Series 3 | RT
The Crimin...
21/10/2025
NAB New York 2025: Although AES Show Is on Its Own, Audio Will Be a Major Part o...
21/10/2025
NAB New York 2025: Business of Broadcast and Media,' Future of Content'...
21/10/2025
SVG All-Stars: Ethan Folz, Senior Director, Digital Operations and Quality of Ex...
21/10/2025
NBA on NBC/Peacock: Livestream Offers Graphic Overlays, Predictive Gaming, Ancil...
21/10/2025
NBA on NBC/Peacock: At the Front Bench With Producer Frank DiGraci and Director ...
21/10/2025
NBA on NBC/Peacock: NBC Sports, NEP Build Ultra-Flexible Production Plan That Se...
21/10/2025
Indigenous storytelling has been at the heart of the work of the Sundance Instit...
21/10/2025
Top L-R: Mysterious Skin, American Dream Second Row L-R: Little Miss Sunshine, D...
21/10/2025
Last week, Spotify and Columbia Records transformed Pier 4 at the Brooklyn Army ...
21/10/2025
SBS Learn's Dharug Ngurra resource empowers classrooms to meaningfully celeb...
21/10/2025
As global operators simplify and evolve their digital platforms, NPS improvement...
21/10/2025
Critical Design Review completion is a key milestone on the path toward Wideband Global Satellite Communications certification for the network in 2026, opening ...
21/10/2025
New Australian undersea training range to implement and improve warfighting tactics, proficiency and safety; enable joint/allied training that contributes to pr...
21/10/2025
eds3_5_jq(document).ready(function($) { $(#eds_sliderM519).chameleonSlider_2_1({...
21/10/2025
September, the beginning of autumn, brought an expected revival to the TV market, largely due to the new fall TV schedules. The time spent in front of the TV sc...
21/10/2025
Broadcast Booms with 20% Uptick vs. August, Achieving Largest Monthly
Increase ...
21/10/2025
During September, streaming's share of TV viewing in Mexico settled at 24.5%, a marginal shift of -0.5 share points from the previous month.
Disclaimer: YU...
21/10/2025
RENNES, France BBright and GlobalM have conducted a technical trial validating Ultra HD interoperability across the entire contribution chain in the cloud, achi...
Web application attack activity While the number of web application attacks increased by 28% over the last quarter, the percentage of web application attacks sent over HTTP vs. HTTPS has remained relatively consistent for two quarters - 89% via HTTP in Q4 vs. 88% via HTTP in Q3. 
