DDoS Attacks Set New Record While Credential Abuse Attacks Decline

1 of 8

DDoS Attacks Set New Record While Credential Abuse Attacks Decline

Akamai released its State of the Internet Security Summer 2018 report on June 26, providing insight into the current state of web application and distributed denial-of-service (DDoS) attacks. The 28-page report takes a specific look at credential abuse attacks against the hotel and travel industry, finding that attacks have leveled off over the last three months after reaching a peak at the end of January. The report also found that DDoS attack volume reached a record high of 1.35T bps, powered by a memcached reflection attack vector. On average, Akamai found that over the last six months, organizations faced an average of 41 DDoS attacks. In this slide show, eWEEK looks at some of the highlights of Akamai's State of the Internet Security Summer 2018 report.

2 of 8

DDoS Sets New Record

The largest DDoS attack seen by Akamai over the last six months was a 1.35T-bps attack that occurred at the end of February. The attack made use of misconfigured memcached servers to reflect and amplify attack volume.

3 of 8

UDP Fragments Often Used in DDoS Attacks

Looking at DDoS attack vector frequency, Akamai found that UDP fragments were the top vector for infrastructure layer attacks.

4 of 8

Organizations Repeatedly Hit by DDoS Attacks

Over the last six months, Akami found that organizations were hit with a DDoS attack an average of 41 times.

5 of 8

Hotel and Travel Credential Abuse Declines

Hotel and travel sites were heavily targeted at the beginning of 2018 by attackers looking to use fraudulent or stolen credentials. Akamai found that attacks declined significantly in February as operators closed down multiple routes that were sources of malicious traffic.

6 of 8

SQL Injection Remains Top Web Attack Vector

Fifty-one percent of web application attacks seen by Akamai from November 2017 until April 2018 used SQL injection (SQLi) as an attack vector.

7 of 8

U.S. Remains Top Target

While attackers go after targets all around the world, the United States is by far the most attacked country.

8 of 8

Good Tools Increasingly Used in Fileless Attacks, Carbon Black Finds

Modern bank heists involve a variety of tools and techniques, including ransomware and non-malware attacks, a Carbon Black report on cyber-attacks in the financial sector finds.