CAMBRIDGE, Mass., Feb. 20, 2018 /PRNewswire/ -- Newly released data
that analyzed more than 7.3 trillion bot requests per month found a
sharp increase in the threat of credential abuse, with more than 40
percent of login attempts being malicious, according to the
Fourth Quarter, 2017 State of the Internet / Security Report
released by Akamai Technologies, Inc. (NASDAQ: AKAM). According to
the Ponemon Institute, credential stuffing attacks can cost
businesses as much as $2.7 million on
an annual basis. In addition, Akamai's data further indicates that
DDoS attacks remain a consistent threat and the Mirai botnet is
still capable of strong bursts of activity.
Akamai researchers have seen recent hacker activity turning to
exploit remote code execution vulnerabilities in enterprise-level
software to make enterprise systems part of the botnet threat. For
example, hackers have been exploiting vulnerabilities in the
GoAhead embedded HTTP server—which has 700,000 potential
targets—and Oracle WebLogic Server. Aided by the disclosure of
Spectre and Meltdown earlier this year, both vulnerabilities open
the door to a new wave of attacks, including the surreptitious
installation of crypto mining programs that tie up computing
resources.
"A key motive of attackers has always been financial profit. In
the past few years, we have seen adversaries move to more direct
methods to achieve that goal such as ransomware," said Martin McKeay, senior security advocate and
senior editor, State of the Internet / Security Report.
"Crypto mining offers attackers the most direct avenue to monetize
efforts by putting money immediately into their cryptowallets."
Akamai's findings also confirmed that the total number of DDoS
attacks last quarter (Q4 2017) increased 14 percent from the same
time last year (Q4 2016). While previous reports from this year
showed the intensity of the Mirai botnet fading, Akamai saw a spike
of nearly 1 million unique IP addresses from the botnet scanning
the Internet in late November, showing that it is still capable of
explosive growth.
By the Numbers:
Other highlights from Akamai's Fourth Quarter, 2017 State of
the Internet / Security Report include:
- The hospitality industry suffered as the biggest target of
fraudulent credential attacks, with 82 percent of their login
attempts being from malicious botnets.
- The financial industry saw a sharp increase in the number of
DDoS attacks, experiencing 298 DDoS attacks against 37 distinct
organizations last quarter.
- Application layer DDoS attacks such as GET, PUSH and POST
floods increased in volume in Q4 by 115 percent since Q3.
- There was a 31 percent increase in DDoS attacks sourcing from
the U.S. last quarter (Q4 2017) compared to the same timeframe last
year (Q4 2016).
- Akamai saw 146 Petabytes of traffic in November and 145
Petabytes in December of bot traffic alone, which translates to
approximately 550 Mbps.
- Akamai mitigated 4,364 attack events on the routed platform in
the fourth quarter of 2017. In total, Akamai experienced 15,965
attack events throughout 2017.
Bot Activity Drives Rising Threat of Credential
Stuffing
On a typical day, Akamai monitors more than 2,750 bot requests
per second, which accounts for more than 30 percent of all pure web
traffic (excluding video streaming) across its platform. While much
of that bot activity is legitimate, cybercriminals are increasingly
leveraging bot activity for malicious use. For example, many of the
botnets traditionally responsible for DDoS attacks are being used
to abuse stolen login credentials. Of the 17 billion login requests
tracked through the Akamai platform in November and December,
almost half (43 percent) were used for credential abuse.
"Increased automation and data mining have caused a massive
flood of bot traffic to impact websites and Internet services.
Although most of that traffic is useful for Internet businesses,
cybercriminals are looking to manipulate the powerful volume of
bots for nefarious gains," said McKeay. "Enterprises need to watch
who is accessing their sites to differentiate actual humans from
both legitimate and malicious bots. Not all web traffic and not all
bots are created equal."
A complimentary copy of the Q4 2017 State of the Internet /
Security Report is available for download at
akamai.com/stateoftheinternet-security. Learn more about the cost
of credential stuffing by registering for a webinar with Dr.
Larry Ponemon, founder of Ponemon
Institute, on Wednesday, February 28,
2018.
Methodology
The Akamai Fourth Quarter, 2017 State
of the Internet / Security Report combines attack data from
across Akamai's global infrastructure and represents the research
of a diverse set of teams throughout the company. The report
provides analysis of the current cloud security and threat
landscape, as well as insight into attack trends using data
gathered from the Akamai Intelligent Platform. The contributors to
the State of the Internet / Security Report include security
professionals from across Akamai, including the Security
Intelligence Response Team (SIRT), the Threat Research Unit,
Information Security, and the Custom Analytics group.
About Akamai
As the world's largest and most trusted
cloud delivery platform, Akamai makes it easier for its customers
to provide the best and most secure digital experiences on any
device, anytime, anywhere. Akamai's massively distributed platform
is unparalleled in scale with over 200,000 servers across 130
countries, giving customers superior performance and threat
protection. Akamai's portfolio of web and mobile performance, cloud
security, enterprise access, and video delivery solutions are
supported by exceptional customer service and 24/7 monitoring. To
learn why the top financial institutions, e-commerce leaders, media
& entertainment providers, and government organizations trust
Akamai please visit www.akamai.com, blogs.akamai.com, or @Akamai on
Twitter.
Contacts:
|
|
Tim
Whitman
|
Tom Barth
|
Media
Relations
|
Investor
Relations
|
617-444-3019
|
617-274-7130
|
twhitman@akamai.com
|
tbarth@akamai.com
|
View original content with
multimedia:http://www.prnewswire.com/news-releases/q4-2017-akamai-state-of-the-internet--security-report-shows-botnets-shift-focus-to-credential-abuse-300599945.html
SOURCE Akamai Technologies, Inc.