Australia spared the worst of rise in web attacks: Akamai

By on
Australia spared the worst of rise in web attacks: Akamai

Report paints bleak picture of increasingly hostile internet.

Australia has been spared the worst of a significant increase in attacks on internet-connected systems highlighted in content delivery giant Akamai's latest state of the internet security report.

The country is the second most common destination in the world for web application attacks, Akamai's figures show.

However, the overall threat against Australian sites is very small at 2.27 percent of all attack traffic.

United States-based websites are overwhelmingly the most attacked at 81.6 percent of attack traffic, Akamai noted.

Web application attacks rose by two-thirds in the first quarter of the year, Akamai found, with 178.5 million attacks detected on its edge network.

Such attacks include Structured Query Language (SQL) command injections, as was used against Telstra-acquired backbone provider Pacnet earlier this year, local and remote file inclusions (LFI/RFI) to execute code, and more. 

America also has the dubious honour of being the country where most attacks originate. Based on geolocation of Internet Protocol (IP) addresses, 53 percent originated in the United State, outstripping China at 11 percent, Brazil (6 percent) and India (4 percent).

Retailers were the hardest hit by web app attacks, followed by media, entertainment and hotel and travel operators, Akamai's report said.

Attacks to disrupt the operation of websites have also become more severe, the content delivery network operator reported.

A typical distributed denial of service attack as observed by Akamai in the first quarter of this year would be less than ten gigabit per second, but would last for more than 24 hours.

This is the opposite pattern of 2014, when DoS attacks used high bandwidth for a shorter periods of time, just over 17 hours on average.

The largest DDoS in the first quarter hit 170Gbps, Akamai said. A total of eight "mega attacks" that flooded victim networks with more than 100Gpbs of traffic were seen in the first quarter of 2015.

Simple Service Discovery Protocol (SSDP) came to the fore in the second half of 2014 as an attack vector; it was the most common form of DDoS attack in the first quarter of the year, accounting for more than 20 percent of cases, Akamai said.

SSDP is used in home routers and other consumer devices implementing the Universal Plug and Play Protocol (UPnP) for easy configuration.

Year on year, application layer attacks rose by almost 60 percent in the first quarter of 2015; however, DDoS attacks increased by 116 percent and infrastructure layer attacks skyrocketed by almost 125 percent in the same time period, according to Akamai.

Akamai claims to have visibility of between 15 to 30 percent of the world's internet traffic.

Copyright © iTnews.com.au . All rights reserved.
Tags:

Most Read Articles

Log In

Username:
Password:
|  Forgot your password?