The first quarter of 2016 has been an eventful one chock-full of cyberattacks and emerging threats.
Yesterday (June 7), Akamai Technologies released its Q1 2016 State of the Internet - Security Report, which takes an in-depth look into the global cloud security threat landscape to provide analysis and insight into malicious activity that’s been observed across the Akamai Intelligent Platform™ from January to March of this year.
“We have continued to witness significant growth in the number and frequency of DDoS and web application attacks launched against online assets, and Q1 2016 was no exception,” explained Stuart Scholly, SVP and GM of Akamai’s Security Business Unit.
“Interestingly, nearly 60 percent of the DDoS attacks we mitigated used at least two attack vectors at once, making defense more difficult. Perhaps more concerning, this multi-vector attacks functionality was not only used by the most clever of attackers, it has become a standard capability in the DDoS-for-hire marketplace and accessible to even the least skilled actors.”
Here are some of the key takeaways from the Q1 2016 report:
- From Q1 2015 to Q1 2016, there’s been a 125-percent increase in total DDoS attacks.
- The largest attacks hit the software & technology, gaming, and media & entertainment sectors.
- Of the more than 4,500 DDoS attacks mitigated by Akamai, roughly 55 percent were aimed at gaming companies, while another 25 percent targeted the software and technology industry.
- After tracking and analyzing more than 2 trillion bot requests, approximately 50 percent of the bots were deemed malicious and were actively involved in scraping campaigns and related activity.
- The U.S. remains at the top of the list for the most frequent source of web application attack traffic (43 percent), while also being the most frequent target (60 percent) of such attacks.
- Q1 2016 set a record for the highest number of DDoS attacks exceeding 100 Gigabits per second (Gbps): 19. There was a 137-percent increase in these “mega attacks.”
- The trend of repeat DDoS attacks has carried over into 2016, with targeted customers reporting being attacked an average of 29 times each.
- Compared with Q4 2015, web application attacks grew by nearly 26 percent.
- DDoS attack tools have grown more sophisticated, as noted by the 59 percent rise in multi-vector attacks, which cause problems for security practitioners, since unique mitigation controls are required for each attack vector.
- China took the lead as a source for DDoS attacks (27 percent), followed by the U.S. with 17 percent, and Turkey was third with 10 percent of attacking IP addresses.
To learn more, check out the infographic from Akamai Technologies below.