Akamai Security Report Shows Threat Landscape Continues to Evolve

Top attack sources vary by threat vector. In the second quarter, China was the top source for DDoS attack traffic while Brazil led in web application attacks, according to Akamai.

During the second quarter, Akamai reported that the largest DDoS came in at 363 G bps against a European media company.

While DDoS attacks can come from anywhere in the world, China was the top source during the second quarter at 56 percent. The United States came in a distant second at 17 percent.

Across Akamai’s DDoS protection customer base, the most targeted industry for DDoS continues to be gaming with 57 percent of attacks in the second quarter.

A common way DDoS attackers are able to increase bandwidth is by way of reflection attacks. In a reflection attack, a misconfigured service is abused to amplify and “reflect” attack traffic. In the second quarter, NTP was the most used protocol for reflection attacks at 59 percent.

SQL Injection (SQLi) and Local File Injection (LFI) accounted for nearly 90 percent of all web application attacks.

In the second quarter, the United States dropped to the No. 2 spot for top web application attack source. Brazil now claims the top spot with 25 percent of all web application attacks observed by Akamai in the second quarter. Akamai pegs Brazil’s gain to a number of attacks against the hotel industry in April.

While the United States isn’t the top source for web application attacks, it’s still the top target with 64 percent of attacks.

Akamai found that on a single day, bot traffic represented 43 percent of all traffic. While some bots declare themselves, such as web search crawlers, many do not. In fact, 63 percent of the bots Akamai found were undeclared and were part of various automation or scraping campaigns.