<< Back to article Print this page Loading page, please wait...

DDoS volumes plateau as hackers try new attack vectors: Akamai

David Braue (CSO Online)
15 January, 2015 09:32

Findings by content distribution network (CDN) provider Akamai that Australia is sliding down the world's broadband rankings got widespread coverage, but Akamai's review of global security exposure has also highlighted more pressing information-security concerns in Australia and elsewhere.

A significant change in the security profile presented during the company's latest State of the Internet report was the fluctuation in the nature of distributed denial of service (DDoS) attacks, which appeared to have lessened in quantity from Akamai's surveys a year ago.

Customers of the company, whose Akamai Intelligent Platform monitors the flow of more than 2 trillion connections per day, reported 270 DDoS attacks during the third quarter of 2014.

This was on par with the fiscal Q2 figures and down from 283 in Q1; however, Akamai's analysts warned that the shift to attacks aimed at higher network layers “remains a steady problem” as hackers increasingly look to new forms of attack.

Diversification of attack efforts was noted in an observed shift in ports targeted by attackers, with port 80 (HTTP), 443 (HTTPS) and 880 (HTTP Alternate) dropping “significantly” during the quarter, the report noted.

Although Australia received just 0.2 percent of global attack traffic during the quarter, the Asia-Pacific region was well represented, accounting for 31 percent of all DDoS attacks as opposed to 53 percent in the Americas.

The number of attacks grew by 25 percent over the previous quarter, with 84 attacks reported by Akamai customers in the region during the quarter. This represented an 18 percent jump from the 71 attacks reported in the region a year earlier.

Indonesia was the only of the top 10 countries to see a decline in observed attack traffic, which dropped from 15 percent of all attacks to just 1.9 percent in the third quarter.

DDoS attacks were predominantly focused on enterprises (39 percent) but commerce (24 percent), media and entertainment (16 percent), high tech (13 percent) and public sector (8 percent) organisations.

This, the report found, represented “a significant redistribution of the industries targeted” with attacks on commerce targets dropping 15 percent, high tech dropping 19 percent and public sector targets dropping 27 percent compared with previous surveys.

This article is brought to you by Enex TestLab, content directors for CSO Australia.

Upcoming IT Security Events

Feb 3rd, Feb 4th, Feb 6th 2015

Join @NirZuk #PaloAltoNetworks for Breakfast (lunch in Auckland) on keeping your enterprise safe from risk. Cyber attacks continue to increase in volume and sophistication leaving traditional security practices completely ineffective.

March 3rd, March 5th, March 9th 2015

Join CSO for the day@#csoperspectives and hear from @kimzetter @frankheidt

3 International Keynote speakers, 36 Key IT Security Industry Speaker, 21 Exhibitors, Security Analysts and many more.. Register today

Dont miss one of the biggest IT Security events in ANZ (registration is free, but seats are limited)