CAMBRIDGE, Mass., June 7, 2016 /PRNewswire/ -- Akamai
Technologies, Inc. (NASDAQ: AKAM), the global leader in content
delivery network (CDN) services, today published the Q1 2016 State
of the Internet – Security Report. The quarterly report provides a
detailed view of the global cloud security threat landscape and
in-depth analysis and insight into malicious activity observed
across the Akamai Intelligent Platform™. Download the
latest State of the Internet – Security Report at
stateoftheinternet.com/security-report.
"We have continued to witness significant growth in the number
and frequency of DDoS and web application attacks launched against
online assets, and Q1 2016 was no exception," said Stuart Scholly, senior vice president and
general manager, Security Business Unit, Akamai. "Interestingly,
nearly 60 percent of the DDoS attacks we mitigated used at least
two attack vectors at once, making defense more difficult. Perhaps
more concerning, this multi-vector attacks functionality was not
only used by the most clever of attackers, it has become a standard
capability in the DDoS-for-hire marketplace and accessible to even
the least skilled actors."
DDoS attack activity at a glance
During Q1, Akamai
mitigated more than 4,500 DDoS attacks, a 125 percent increase
compared with Q1 2015. As in recent quarters, the vast majority of
these attacks were based on reflection attacks using
stresser/booter-based tools. These tools bounce traffic off servers
running vulnerable services such as DNS, CHARGEN, and NTP. In fact,
70 percent of the DDoS attacks in Q1 used the reflection-based DNS,
CHARGEN, NTP, or UDP fragment vectors.
More than half of the attacks (55 percent) targeted gaming
companies, with another 25 percent targeting the software and
technology industry.
Q1 2016 also set a record for the number of DDoS attacks
exceeding 100 Gigabits per second (Gbps): 19. The largest of
these mega attacks mitigated by Akamai peaked at 289 Gbps. Fourteen
attacks relied on DNS reflection methods. Last quarter, there were
only five mega attacks; the previous record was 17, set in Q3
2014.
During Q4 2015, repeat DDoS attacks became the norm, with an
average of 24 attacks per targeted customer in Q4. The trend
continued this quarter; targeted customers were attacked an average
of 39 times each. One customer was targeted 283 times – an average
of three attacks per day.
DDoS metrics
Compared with Q1 2015
- 125.36 percent increase in total DDoS attacks
- 142.14 percent increase in infrastructure layer (layers 3 &
4) attacks
- 34.98 percent decrease in the average attack duration: 16.14
vs. 24.82 hours
- 137.5 percent increase in attacks > 100 Gbps: 19 vs.
eight
Compared with Q4 2015
- 22.47 percent increase in total DDoS attacks
- 23.17 percent increase in infrastructure layer (layers 3 &
4) attacks
- 7.96 percent increase in the average attack duration: 16.14 vs.
14.95 hours
- 280 percent increase in attacks > 100 Gbps: 19 vs. five
Web application attack activity
Web application
attacks increased nearly 26 percent compared with Q4 2015. As
in past quarters, the retail sector remained the most popular
attack target, targeted in 43 percent of the attacks. But in a
shift from last quarter, we saw a two percent decrease in web
application attacks over HTTP and a 236 percent increase in web
application attacks over HTTPS. There was also an 87 percent
increase in SQLi attacks compared with the previous quarter.
As in recent quarters, the US was both the most frequent source
of web application attack traffic (43 percent) and the most
frequent target (60 percent).
Web application attack metrics
Compared with Q4
2015
- 25.52 percent increase in total web application attacks
- 1.77 percent decrease in web application attacks over HTTP
- 235.99 percent increase in web application attacks over
HTTPS
- 87.32 percent increase in SQLi attacks
Bot activity snapshot
For the first time, we've
included an analysis of bot activity in the State of the
Internet - Security Report. Looking at bot activity over 24
hours, we tracked and analyzed more than two trillion bot requests.
While identified and known, so-called good bots represented 40
percent of the bot traffic, 50 percent of the bots were determined
to be malicious and were engaged in scraping campaigns and related
activity.
Growth in DDoS reflectors
Using firewall data from the
perimeter of the Akamai Intelligent Platform, our analysis showed a
77 percent growth in active Quote of the Day (QOTD) reflectors, a
72 percent increase in NTP reflectors and a 67 percent increase in
CHARGEN reflectors compared to Q4 2015. Active SSDP reflectors
declined by 46 percent.
Download the report
A complimentary copy of
the Q1 2016 State of the Internet - Security Report is
available for download at
stateoftheinternet.com/security-report.
About Akamai
As the global leader in Content Delivery
Network (CDN) services, Akamai makes the Internet fast, reliable
and secure for its customers. The company's advanced web
performance, mobile performance, cloud security and media delivery
solutions are revolutionizing how businesses optimize consumer,
enterprise and entertainment experiences for any device, anywhere.
To learn how Akamai solutions and its team of Internet experts are
helping businesses move faster forward, please visit
www.akamai.com or blogs.akamai.com, and follow @Akamai on
Twitter.
Akamai
Contacts:
|
|
Rob Morton
|
Tom Barth
|
Media
Relations
|
Investor
Relations
|
617-444-3641
|
617-274-7130
|
rmorton@akamai.com
|
tbarth@akamai.com
|
Photo -
http://photos.prnewswire.com/prnh/20160606/376033-INFO
Logo -
http://photos.prnewswire.com/prnh/20100225/AKAMAILOGO
To view the original version on PR Newswire,
visit:http://www.prnewswire.com/news-releases/mega-attacks-hit-new-record-repeat-attacks-surge-booterstresser-sites-launching-multiple-attack-vectors-simultaneously-300280429.html
SOURCE Akamai Technologies, Inc.