CAMBRIDGE, Mass., May 16, 2017 /PRNewswire/ --
- Mirai "DNS Water Torture" attacks target the financial services
industry
- Report highlights a 35 percent year-over-year increase in total
web application attacks from Q1 2016
Akamai Technologies, Inc. (NASDAQ: AKAM), the world's largest
and most trusted cloud delivery platform, today released its
First Quarter, 2017 State of the Internet / Security Report.
The report, using data gathered from the Akamai Intelligent
Platform, provides analysis of the current cloud security and
threat landscape, as well as insight into attack trends.
Download the latest State of the Internet / Security
Report for data, analysis, and graphics at
akamai.com/stateoftheinternet-security.
"If our analysis of Q1 tells us anything, it's that risks to the
Internet and to targeted industry sectors remain and continue to
evolve" said Martin McKeay, senior
security advocate and senior editor, State of the Internet /
Security Report. "Use cases for botnets like Mirai have
continued to advance and change, with attackers increasingly
integrating Internet of Things vulnerabilities into the fabric of
DDoS botnets and malware. It's short sighted to think of Mirai as
the only threat, though. With the release of the source code, any
aspect of Mirai could be incorporated into other botnets. Even
without adding Mirai's capabilities, there is evidence that botnet
families like BillGates, elknot, and XOR have been mutating to take
advantage of the changing landscape."
Highlights from Akamai's First Quarter, 2017 State of the
Internet / Security Report include:
DDoS Attacks
- Mirai DNS Water Torture Attacks, a DNS query flood included in
Mirai malware, targeted Akamai customers in the financial services
industry. Most of the impacted DNS servers received queries at an
even rate during the attacks, except for an attack observed on
January 15, 2017 when one of three
DNS servers received 14 Mbps of attack traffic. The attacks can
create denial of service outages by consuming the target domain's
resources in looking up randomly generated domain names in great
numbers.
- Reflection attacks continued to comprise the largest number of
DDoS attack vectors and accounted for 57 percent of all mitigated
attacks in Q1 2017, with Simple Service Discovery Protocol (SSDP)
reflectors as the biggest source of attacks.
Web Application Attacks
- The United States remained the
top source country for web application attacks, showing another
significant year-over-year increase — up 57 percent from Q1
2016.
- The top three attack vectors used against web applications in
Q1 of 2017 were SQLi, LFI and XSS.
- The Netherlands, in second for
the top source of web application attacks of Q1 2017, dropped to 13
percent from 17 percent in the previous quarter, remaining a
consistent source of attack traffic and a large proportion of
attacks from a country of only 17 million citizens.
Top Attack Vectors
- UDP fragment, DNS and NTP maintained their positions as the top
three DDoS attack vectors, while reserved protocol floods and
connection floods were also on the Q1 2017 attack vectors
list.
- The Q1 2017 top three most frequent attack vectors per week
were ACK, CHARGEN, and DNS.
- New reflection attack vector Connectionless Lightweight
Directory Access Protocol (CLDAP) was discovered and has been
observed producing DDoS attacks comparable to DNS reflection with
most attacks exceeding 1 Gbps.
A complimentary copy of the Q1 2017 State of the Internet /
Security Report is available for download at
akamai.com/stateoftheinternet-security. Download individual
figures, including associated captions, here.
About Akamai
As the world's largest and most trusted
cloud delivery platform, Akamai makes it easier for its customers
to provide the best and most secure digital experiences on any
device, anytime, anywhere. Akamai's massively distributed
platform is unparalleled in scale with over 200,000 servers across
130 countries, giving customers superior performance and threat
protection. Akamai's portfolio of web and mobile performance,
cloud security, enterprise access, and video delivery
solutions are supported by exceptional customer service and
24/7 monitoring. To learn why the top financial institutions,
e-commerce leaders, media & entertainment providers, and
government organizations trust Akamai please
visit www.akamai.com, blogs.akamai.com, or @Akamai on
Twitter.
Contacts:
Rob Morton
|
Tom Barth
|
|
Media
Relations
|
Investor
Relations
|
|
617-444-3641
|
617-274-7130
|
|
rmorton@akamai.com
|
tbarth@akamai.com
|
|
To view the original version on PR Newswire,
visit:http://www.prnewswire.com/news-releases/akamai-releases-first-quarter-2017-state-of-the-internet--security-report-300458077.html
SOURCE Akamai Technologies, Inc.