Akamai: 35 percent more attacks on Web applications

In the first quarter of 2017 Akamai has observed a 35-percent increase in attacks on Web applications when compared to the same period last year. A decrease in major DDoS attacks occurred at the same time. That out of the Internet Akamais quarterly report to the State.

Akamai delivers online content as content delivery network (CDN) and accelerates them. That allows the company to collect data on the Internet development worldwide and to analyze. It estimates the increasing attacks on Web applications as serious, because they are worse in the long term as the temporary unavailability because of denial-of-service attacks.

 DDoS attacks decline - increase attacks on Web applications (image: Akamai) DDoS attacks decline – increase attacks on Web applications (image: Akamai)

most commonly used as an attack vector was SQL injection in the first quarter, 44 percent (SQLi) – and that even with an upward trend since SQLi attacks by 29 percent to. As more attack vectors, local file inclusion (LFI) followed with 39 percent and 10 percent cross-site scripting (XSS). Most of the attacks on Web applications came from the United States, the Netherlands, Brazil, China and Germany. The relatively high proportion of attacks from the Netherlands – with a population of just 17 million was particularly surprising.

“If we can conclude anything from the analysis of the first quarter of 2017, then, that the risks related to the Internet and the sectors concerned remain unchanged and are the threat situation constantly further developed”, reported Martin McKeay, senior security advocate by Akamai. “The application scenarios by botnet attacks, around Mirai, have been continuously refined and changed. Attackers exploit increasingly Internet of things vulnerabilities in the to carry out their attacks with DDoS Botnets and malware.”

this last continuously decreased the average size of attack of DDoS attacks. While there were early 2015 4 GB per second, which fell in the first quarter of 2017 to little more than 500 MBit per second. There are of course on where mega attacks with a volume of more than 100 GBit per second in particular IoT devices are used.

Akamai sees the reason for the reduced average intensity in a competitive situation, as more groups go into the business with DDoS attacks. There are only a limited number of devices with the kind of vulnerabilities, which they recommend for use in a botnet. “And then come other attackers and take the unit to use the resources for their own botnet”, Martin McKeay told CSO . “I’m watching it again and again.”

the Akamai Manager attributed the decline in extremely large DDoS attacks on the increased activity by investigating authorities, which led to the arrest of botnet operators. As other groups could take their place, companies should stay but remain vigilant. “DDoS is generally a cyclical phenomenon,” he said. “About three years ago, it really took off, and we saw a big increase. For about a year, the trend went downward now. “But we suspect that this is only a temporary change and again will go to the top.”


what next – BB´s storage & co: the enterprise cloud!

get to know the building blocks of enterprise cloud platform in this audio Webinar. Learn how to achieve maximum freedom and flexibility for your applications. More outcome achieved with less input – specific application examples. [Update: the webinar has already occurred.] Register now and look at the record.

Be the first to comment

Leave a Reply