Web application attack activity While the number of web application attacks increased by 28% over the last quarter, the percentage of web application attacks sent over HTTP vs. HTTPS has remained relatively consistent for two quarters - 89% via HTTP in Q4 vs. 88% via HTTP in Q3.
The most frequently observed attack vectors for the quarter were LFI (41%), SQLi (28%) and PHPi (22%), followed by XSS (5%) and Shellshock (2%). RFI, MFU, CMDi, and JAVAi attacks comprised the remaining 2%. The relative distribution of the attack vectors over HTTP vs. HTTPS was similar, with the exception of PHPi; PHPi was seen in just 1% of the attacks over HTTPS.
Fifty-nine percent of the Q4 web application attacks targeted retailers, vs. 55% in Q3. The media & entertainment and hotel & travel industries were the next most frequently targeted, with 10% of the attacks each. This represents a change from Q3, when the financial services industry was the second most-targeted industry (15% of attacks), compared with just 7% of the attacks this quarter.
Continuing a trend from last quarter, the US was both the main source of web application attacks (56%) as well as the most frequent target (77%). Brazil was the next biggest attack source (6%) as well as the second most targeted country (7%), which seems to be related to the fact that a large cloud Infrastructure-as-a-Service (IaaS) provider opened new data centers there. Since the opening of the data centers, Akamai has seen a large increase in the amount of malicious traffic coming out of Brazil, and specifically from the aforementioned data centers. Most of those attacks were against a Brazilian customer in the retail industry.
For the Q4 report, we identified the top 10 sources of web application attack traffic by ASN, and analyzed the corresponding attack types, payloads and frequency. A description of 10 of the more interesting attacks - and their payloads, is included in Section 3.6.
Web application attack metrics
Compared with Q3 2015
28.10% increase in total web application attacks
28.65% increase in web application attacks over HTTP
24.05% increase in web application attacks over HTTPS
12.19% increase in SQLi attacks
Scanning and probing activity Malicious actors rely on scanners and probing to perform reconnaissance on their targets before launching attacks. Using firewall data from the perimeter of the Akamai Intelligent Platform, our analysis showed the most popular ports for reconnaissance were Telnet (24%), NetBIOS (5%), MS-DS (7%), SSH (6%), and SIP (4%). The top three sources of scanning activity were all located in Asia, as determined by ASN. We also saw active scanning for reflectors to abuse, including NTP, SNMP, and SSDP.
By looking at the top reflection sources by ASN, we saw that the most heavily-abused network reflectors were in China and other Asian countries. While most SSDP attacks tend to be from home connections, NTP, CHARGEN, and QOTD are generally from cloud hosting providers where those services run. SSDP and NTP reflectors were the most often abused reflectors at 41% each, followed by CHARGEN (6%) and RPC (5%). SENTINEL and QOTD followed at 4% each.
Download the report A complimentary copy of the Q4 2015 State of the Internet - Security Report is available for download at www.stateoftheinternet.com/security-report.
About stateoftheinternet.com Akamai's stateoftheinternet.com shares content and information intended to provide an informed view into online connectivity and cybersecurity trends as well as related metrics, including Internet connection speeds, broadband adoption, mobile usage, outages, and cyber-attacks and threats. Visitors to stateoftheinternet.com can find current and archived versions of Akamai's State of the Internet (Connectivity and Security) reports, the company's data visualizations and other resources designed to help put context around the ever changing Internet landscape.
About Akamai As the global leader in Content Delivery Network (CDN) services, Akamai makes the Internet fast, reliable and secure for its customers. The companys advanced web performance, mobile performance, cloud security and media delivery solutions are revolutionizing how businesses optimize consumer, enterprise and entertainment experiences for any device, anywhere. To learn how Akamai solutions and its team of Internet experts are helping businesses move faster forward, please visit www.akamai.com or blogs.akamai.com, and follow @Akamai on Twitter.
Most recent headlines
06/10/2025
France T l visions, France's leading broadcaster, has received the 2025 EBU ...
06/09/2025
(L-R) Dylan O'Brien and James Sweeney attend the 2025 Sundance Film Festival Twinless premiere at Eccles Theatre. (Photo by George Pimentel/Shutterstock f...
06/09/2025
LONDON Vizrt has introduced Viz Arena 6, the newest version of its all-in-one live augmented reality (AR) graphics and virtual advertising sports solution. The ...
06/09/2025
SEATTLE Amazon Web Services (AWS) will feature 56 AWS Partners making various demos that showcase the technologies and use cases shaping the future of the Media...
06/09/2025
In news that highlights the ongoing importance of video games, PBS Kids is making its first foray into gameplay content with the September 5 launch of Odd Squa...
06/09/2025
PBS chief executive Paula Kerger has sent an email to staff outlining plans to cut about 100 positions or 15% of its staff, following the loss of Federal fundin...
06/09/2025
A new era of recognition as IABM honors the people, projects and innovations driving real impact
IABM has confirmed the shortlist for the new IABM Impact Award...
06/09/2025
Vizrt, the leader in live production technology revolutionizing viewer experiences, announces new capabilities to help customers create once, adapt automaticall...
06/09/2025
Studio Technologies, a leading manufacturer of high-quality audio, video, and fiber-optic solutions, will spotlight four of its innovative audio solutions at th...
06/09/2025
DigitalGlue, creator of the award-winning creative.space managed storage platform, today announced a technology preview of Creative Intelligence (CI) powered by...
06/09/2025
Eye Filmmuseum is the Netherlands leading film museum, offering a rich variety of experiences from screenings of classic films to cultural exhibitions. With fou...
06/09/2025
The latest innovations in Grass Valley's AMPP applications will be on full display at IBC 2025, as the company brings significant updates to Playout X, its ...
06/09/2025
Disguise has announced the launch of the GX 3 , its most powerful media server ever. Built on NVIDIA's cutting-edge Blackwell GPU architecture and including...
06/09/2025
Autoscript and Autocue have announced the launch of a new advanced PTZ prompter system shared by both brands and designed to provide seamless, professional prom...
06/09/2025
Sachtler has added four new models to its award-winning aktiv and FSB Mk II fluid head ranges. The aktiv16T and aktiv18T, plus the FSB 16T Mk II and FSB 18T Mk...
06/09/2025
CGI (TSX: GIB.A) (NYSE: GIB), one of the largest independent IT and business consulting services firms in the world, will present its bold new vision for the fu...
06/09/2025
DHD has chosen IBC 2025 (Amsterdam, 12-15 September) as the launch venue for the latest version of its RM1 all-in-one portable audio production and broadcast sy...
06/09/2025
AJA Video Systems debuted IP25-R, a Mini-Converter for connecting SMPTE ST 2110 networks with 4K SDI/HDMI infrastructures. IP25-R lets broadcast, production, an...
06/09/2025
AJA Video Systems today introduced new products and updates ahead of the International Broadcasting Convention (IBC) 2025 that streamline signal flow management...
06/09/2025
Researchers map key human proteins that power coronavirus replication, pointing to new treatment strategies Findings from Scripps Research reveal promising drug...
05/09/2025
Your listening habits are as unique as you are-and this year, Spotify has introduced a wave of new features to help you personalize your experience. From playli...
05/09/2025
SBS kicks off a confident slate with the 2026 FIFA World Cup 2026 , premium dram...
05/09/2025
Today's Historic Settlement Underscores SBS's Powerful New Series The Pe...
05/09/2025
L3Harris Chief Financial Officer and Aerojet Rocketdyne President Ken Bedingfiel...
05/09/2025
PHILADELPHIA NBC Sports will present tonight's NFL Kickoff Game between the '25 Super Bowl champion Philadelphia Eagles and Dallas Cowboys on Peacock in...
05/09/2025
Warner Bros. Discovery filed a lawsuit against Gen AI company Midjourney this week, claiming that the company violated the studio's copyright....
05/09/2025
Alum Esin Ayd ng z Pens Nevermore Alma Mater' for Netflix's Wednesday The Grammy-nominated composer appears on this season's soundtrack alongside...
05/09/2025
C-SPAN and YouTube this week announced an agreement in which YouTube will sponsor C-SPAN's America 250 programming and expand access to C-SPAN's politic...
05/09/2025
LONDON Live broadcast infrastructure solutions provider Techex has added Peter Dawidzik as senior director, sales and business development....
05/09/2025
As news organizations and broadcasters face more pressure than ever to capture, verify, and distribute real-time access to breaking news, Reuters and Amazon Web...
05/09/2025
LOS ANGELES The Hollywood Professional Association (HPA) today said it has begun accepting submissions for its expanded HPA Engineering Excellence Awards, which...
05/09/2025
Sage has released an update to its most recent firmware for its Digital ENDEC model 3644....
05/09/2025
LONDON and LOS ANGELES ThinkAnalytics will debut ThinkMetadataAI, the company's latest step in recommendations, search and discovery services....
05/09/2025
WASHINGTON The Federal Communications Commissions Media Bureau has announced that the agency is initiating a phased process to lift the current freeze on major ...
05/09/2025
TORONTO Quickplay will feature its newly unveiled AI Studio that assists broadcasters and streamers in transforming their content libraries into short-form asse...
05/09/2025
Boston Conservatory at Berklee Announces Five-Year Partnership with The Verdon F...
05/09/2025
Alum Esin Ayding z Pens Nevermore Alma Mater' for Netflix's Wednesday The Grammy-nominated composer appears on this season's soundtrack alongside...
05/09/2025
Rohde & Schwarz UK awarded Silver Award under Defence Employer Recognition Schem...
05/09/2025
Back to All News
Two Desperate Souls and One Desperate Choice: As You Stood By...
05/09/2025
Back to All News
Netflix Unveils New BAKI-DOU' Anime and First Look at BE...
05/09/2025
This weekend sees another feast in store for all sport fans as RT airs a jam-packed schedule of live, free-to-air sport.
The Amgen Irish Open continues all we...
04/09/2025
(Joel Edgerton and Felicity Jones appear in Train Dreams by Clint Bentley, an of...
04/09/2025
SBS kicks off a confident slate with the 2026 FIFA World Cup2026 , premium drama...
04/09/2025
Watch the Record-breaking Koori Knockout 2025 LIVE and EXCLUSIVE on NITV and SBS...
04/09/2025
WALTHAM, Mass. Zixi, a provider of video-delivery-over-IP technology, has named Sue Mitchell as director of account management, EMEA....
04/09/2025
NEW YORK In news that highlights the importance of the NFL and sports for the TV and streaming industry, NBCUniversal is reporting record revenue for its 20th s...
04/09/2025
OTTAWA Ross Video has acquired LAMA, a Dutch-based developer of advanced audio production software known for its innovative live mixing solutions. The acquisiti...
04/09/2025
CINCINNATI GatesAir will bring its 5G passthrough demo to IBC audiences once again as interest in the technology's value for broadcast-to-mobile delivery gr...
04/09/2025
BURY ST. EDMUNDS, England Autoscript and Autocue will showcase their newly launched PTZ prompter system during IBC2025, Sept. 12-15 at the RAI Amsterdam Convent...
04/09/2025
Watch the Benn Family Band Perform I Wont Give Up on Americas Got Talent Assistant Professor Loren Benn and her family gave an emotional live performance of t...
Web application attack activity While the number of web application attacks increased by 28% over the last quarter, the percentage of web application attacks sent over HTTP vs. HTTPS has remained relatively consistent for two quarters - 89% via HTTP in Q4 vs. 88% via HTTP in Q3. 
