CAMBRIDGE, Mass., Oct. 23, 2014 /PRNewswire/ -- Akamai
Technologies, Inc. (NASDAQ: AKAM), the leading provider of cloud
services for delivering, optimizing and securing online content and
business applications, today announced availability of the Q3
2014 State of the Internet – Security Report. Akamai's Prolexic
Security Engineering and Research Team (PLXsert) is a recognized
leader in Distributed Denial of Service (DDoS) protection services
and strategies. This quarter's report, which provides analysis and
insight into the global attack threat landscape including DDoS
attacks, can be downloaded at
www.stateoftheinternet.com/security-report.
"DDoS attack size and volume have gone through the roof this
year," said John Summers, vice
president, Security Business Unit at Akamai Technologies. "In the
third quarter alone, Akamai mitigated 17 attacks greater than 100
gigabits-per-second, with the largest at 321 Gbps. Interestingly,
we witnessed none of that size in the same quarter a year ago and
only six last quarter. These mega-attacks each used multiple DDoS
vectors to deliver large bandwidth-consuming packets at an
extremely high rate of speed."
A brute force approach characterized the most significant
campaigns in Q3 as attackers shifted towards new attack methods and
enhanced older attack methods to consume more bandwidth. These
record‑setting DDoS attack campaigns marked an 80 percent increase
in average peak bandwidth in Q3 compared to the previous quarter
and a four-fold increase from the same period a year ago. Q3 also
saw an increase in average peak packets per second, recording a 10
percent increase over the previous quarter and a four-fold increase
compared the same quarter in 2013.
Malicious actors have found ways to involve a wider base of
devices to expand DDoS botnets and produce larger DDoS attacks.
PLXsert has observed botnet-building efforts in which malicious
actors sought to control systems by gaining access through
vulnerable web applications on Linux-based machines.
Attackers have also expanded to a new class of device including
smartphones and embedded devices, such as customer-premises
equipment (CPE), home cable modems, mobile devices, and a great
variety of Internet-enabled devices including home-based and
wearables within the category of the Internet of Things
(IoT).
Attacks with both high bandwidth and high volume were made
possible by the use of multi-vector attack methods. More
sophisticated, multi-vector attacks became the norm this quarter,
with more than half (53 percent) of all attacks utilizing multiple
attack vectors. This was an 11 percent increase in multi-vector
attacks compared to last quarter, and a nine percent increase
compared to Q3 2013. Multi-vector attacks have been fueled by the
increased availability of attack toolkits with easy-to-use
interfaces as well as a growing DDoS-for-hire criminal
industry.
Highlights from the Akamai PLXsert Q3 2014 State of the
Internet - Security Report
Compared to Q3 2013
- 22 percent increase in total DDoS attacks
- 389 percent increase in average attack bandwidth
- 366 percent increase in average peak packets per second
- 44 percent decrease in application layer attacks
- 43 percent increase in infrastructure layer attacks
- 5 percent increase in average attack duration
- 9 percent increase in multi-vector attacks
Compared to Q2 2014
- 2 percent increase in total DDoS attacks
- 80 percent increase in average attack bandwidth
- 10 percent increase in average peak packets per second
- 2 percent increase in application layer attacks
- 2 percent increase in infrastructure layer attacks
- 29 percent increase in average attack duration
- 11 percent increase in multi-vector attacks
- 183 percent increase in high bandwidth (100+ Gbps) attacks: 17
vs. 6
Phishing attacks compromise media websites
During Q3,
another kind of attack was also prominent – phishing attacks.
Multiple phishing attacks targeted Google Enterprise users in order
to harvest user credentials and gain access to confidential
information. With this information, hacktivists successfully
compromised third-party content feeds on popular media websites,
such as CNN, the Associated Press and others.
The highest profile group of hacktivists targeting third-party
content providers is the Syrian Electronic Army (SEA), which
typically sends emails with a falsified link to a large number of
employees in a targeted company or its third-party content
provider. Users who click the link are presented with what looks
like a login screen to harvest the user's sign-in credentials in a
form of identity theft.
Report Availability
A complimentary copy of
the Akamai PLXsert Q3 2014 State of the Internet - Security
Report is available as a free PDF download at
www.stateoftheinternet.com/security-report.
Introducing stateoftheinternet.com
Corresponding to
availability of the Q3 2014 State of the Internet – Security
Report, Akamai is also announcing the launch of
stateoftheinternet.com. This new portal serves as the home for
content and information intended to provide an informed view into
online connectivity and cybersecurity trends as well as related
metrics, including Internet connection speeds, broadband adoption,
mobile usage, outages, and cyber-attacks and threats. Visitors to
stateoftheinternet.com can find current and archived versions of
Akamai's State of the Internet (Connectivity and Security) reports,
the company's data visualizations, and other resources designed to
help put context around the ever changing Internet landscape.
Further, with the launch of stateoftheinternet.com also comes
availability of the State of the Internet mobile app for Android.
Visit
http://www.stateoftheinternet.com/resources-report-state-of-the-internet.html
for more information and to download the app.
About Akamai
Akamai® is the leading provider of cloud
services for delivering, optimizing and securing online content and
business applications. At the core of the Company's solutions is
the Akamai Intelligent Platform™ providing extensive reach, coupled
with unmatched reliability, security, visibility and expertise.
Akamai removes the complexities of connecting the increasingly
mobile world, supporting 24/7 consumer demand, and enabling
enterprises to securely leverage the cloud. To learn more about how
Akamai is accelerating the pace of innovation in a hyperconnected
world, please visit www.akamai.com or blogs.akamai.com, and follow
@Akamai on Twitter.
Contacts:
|
|
Rob
Morton
|
Tom Barth
|
Media
Relations
|
Investor
Relations
|
617-444-3641
|
617-274-7130
|
rmorton@akamai.com
|
tbarth@akamai.com
|
Logo -
http://photos.prnewswire.com/prnh/20100225/AKAMAILOGO
To view the original version on PR Newswire,
visit:http://www.prnewswire.com/news-releases/akamai-plxserts-q3-2014-state-of-the-internet---security-report-released-280991717.html
SOURCE Akamai Technologies, Inc.