April 2017 Digital Edition

Click Here

March 2017 Digital Edition

Click Here

Feb. 2017 Digital Edition

Click Here

January 2017 Digital Edition

Click Here

Nov/Dec 2016 Digital Edition

Click Here

Oct 2016 Digital Edition

Click Here

Technology Sectors

Market Sectors

Report: Large-scale DDoS attacks up 140 percent in 2016's fourth quarter

McKeay

CAMBRIDGE, MA Feb. 14, 2017 Akamai Technologies, Inc. (NASDAQ: AKAM), the global leader in content delivery network (CDN) services, today released its Fourth Quarter, 2016 State of the Internet / Security Report. The report, using data gathered from the Akamai Intelligent Platform, provides analysis of the current cloud security and threat landscape, as well as insight into seasonal trends.

Download the latest State of the Internet / Security Report for data, analysis, and graphics at akamai.com/stateoftheinternet-security.

“As we saw with the Mirai botnet attacks during the third quarter, unsecured Internet of Things (IoT) devices continued to drive significant DDoS attack traffic,” said Martin McKeay, senior security advocate and senior editor, State of the Internet/Security Report. “With the predicted exponential proliferation of these devices, threat agents will have an expanding pool of resources to carry out attacks, validating the need for companies to increase their security investments. Additional emerging system vulnerabilities are expected before devices become more secure.”

Highlights from Akamai’s Fourth Quarter, 2016 State of the Internet / Security Report include:

DDoS Attacks

  • Attacks greater than 100 Gbps increased 140 percent year-over-year from Q4 2015
  • The largest DDoS attack in Q4 2016, which peaked at 517 Gbps, came from Spike, a non-IoT botnet that has been around for more than two years.
  • Seven of the 12 Q4 2016 mega attacks, those with traffic greater than 100 Gbps, can be directly attributed to Mirai.
  • The number of IP addresses involved in DDoS attacks grew significantly this quarter, despite DDoS attack totals dropping overall. The United States sourced the most IP addresses participating in DDoS attacks – more than 180,000.

Web Application Attacks

  • The United States remained the top source country for web application attacks, showing a 72 percent increase from Q3 2016.
  • SQLi, LFI, and XSS web application vectors accounted for 95 percent of observed web application attacks in Q4 2016, similar to Q3 2016.
  • The number of web application attacks in Q4 2016 was down 19 percent from Q4 2015; however, research into retail traffic over the United States Thanksgiving holiday week revealed an upward trend for four sub-verticals (apparel and footwear, consumer portals, consumer electronics and media and entertainment) that all suffered from significant web application attacks.

Top Attack Vectors

  • Of the 25 DDoS attack vectors tracked in Q4 2016, the top three were UDP fragment (27 percent), DNS (21 percent), and NTP (15 percent), while overall DDoS attacks decreased by 16 percent.

Akamai added a new reflection DDoS attack vector this quarter, Connectionless Lightweight Directory Access Protocol (CLDAP), which attackers abuse to amplify DDoS traffic.

“If anything, our analysis of Q4 2016 proves the old axiom ‘expect the unexpected’ to be true for the world of web security,” continued McKeay. “For example, perhaps the attackers in control of Spike felt challenged by Mirai and wanted to be more competitive. If that’s the case, the industry should be prepared to see other botnet operators testing the limits of their attack engines, generating ever larger attacks.”

A complimentary copy of the Q4 2016 State of the Internet / Security Report is available for download at akamai.com/stateoftheinternet-security.

About Akamai

As the global leader in Content Delivery Network (CDN) services, Akamai makes the Internet fast, reliable and secure for its customers. The company's advanced web performance, mobile performance, cloud security and media delivery solutions are revolutionizing how businesses optimize consumer, enterprise and entertainment experiences for any device, anywhere. To learn how Akamai solutions and its team of Internet experts are helping businesses move faster forward, please visit www.akamai.com or blogs.akamai.com.

 

Recent Videos

HID Global is opening the door to a new era of security and convenience.  Powered by Seos technology, the HID Mobile Access solution delivers a more secure and convenient way to open doors and gates, access networks and services, and make cashless payments using phones and other mobile devices. ...
Mobile device forensics can make a difference in many investigations, but you need training that teaches you how to get the most out of your mobile forensics hardware and software, and certifies you to testify in court. Read this white paper to learn how to evaluate mobile forensics training...
PureTech Systems is a software company that develops and markets PureActiv, its geospatial analytics solution designed to protect critical perimeters and infrastructure.  Its patented video analytics leverage thermal cameras, radars and other perimeter sensors to detect, geo-locate, classify, and...
PureTech Systems is a technology leader in the use of geospatial video, focusing on perimeter security.  When combining geospatial capabilities with video analytics and PTZ camera control, managers of critical facilities can benefit by allowing the video management system to aid them in the process...