Page 14 - AeM_May_2017
P. 14
RESEARCH, ANALYSIS & TRENDS
Akamai’s Q1 2017 State of the
Internet / Security Report
Akamai Technologies, Inc. just released its First Quar- Simple Service Discovery Protocol (SSDP) reflec-
ter, 2017 State of the Internet / Security Report. The tors as the biggest source of attacks.
report, using data gathered from the Akamai Intelligent
Platform, provides analysis of the current cloud security Web Application Attacks
and threat landscape, as well as insight into attack
trends. • The United States remained the top source country
for web application attacks, showing another signifi-
“If our analysis of Q1 tells us anything, it’s that risks to cant year-over-year increase — upercent from Q1
the Internet and to targeted industry sectors remain and 2016.
continue to evolve” said Martin McKeay, senior security
advocate and senior editor, State of the Internet / Secu- • The top three attack vectors used against web ap-
rity Report. “Use cases for botnets like Mirai have con-
tinued to advance and change, with attackers increas- plications in Q1 of 2017 were SQLi, LFI and XSS.
ingly integrating Internet of Things vulnerabilities into
the fabric of DDoS botnets and malware. It’s short sight- • The Netherlands, in second for the top source of
ed to think of Mirai as the only threat, though. With the web application attacks of Q1 2017, dropped to 13
release of the source code, any aspect of Mirai could be percent from 17 percent in the previous quarter,
incorporated into other botnets. Even without adding remaining a consistent source of attack traffic and a
Mirai’s capabilities, there is evidence that botnet families large proportion of attacks from a country of only 17
like BillGates, elknot, and XOR have been mutating to million citizens.
take advantage of the changing landscape.”
Highlights from Akamai’s First Quarter, 2017 State of Top Attack Vectors
the Internet / Security Report include:
• UDP fragment, DNS and NTP maintained their po-
DDoS Attacks sitions as the top three DDoS attack vectors, while
reserved protocol floods and connectionds were
• Mirai DNS Water Torture Attacks, a DNS query also on the Q1 2017 attack vectors list.
flood included in Mirai malware, targeted Akamai
customers in the financial services industry. Most of • The Q1 2017 top three most frequent attack vec-
the impacted DNS servers received queries at an tors per week were ACK, CHARGEN, and DNS.
even rate during the attacks, except for an attack
observed on January 15, 2017 when one of three
DNS servers received 14 Mbps of attack traffic. The Neonless Lightweight Directory Access Protocol
attacks can create denial of service outages by con- (CLDAP) was discovered and has been observed pro-
suming the target domain’s resources in looking up ducing DDoS attacks comparable to DNS reflection
randomly generated domain names in great num- with most attacks exceeding 1 Gbps.
bers.
A complimentary copy of the Q1 2017 State of the In-
• Reflection attacks continued to comprise the largest ternet / Security Report is available for download at
number of DDoS attack vectors and accounted for akamai.com/stateoftheinternet-security. ◊
57 percent of all mitigated attacks in Q1 2017, with
14 May 2017 - (Cyber) Security & Data Protection