A new report from Akamai shows a 132 percent increase in the total volume of second-quarter DDoS attacks, compared with the same period last year.
2More Than Half of Attacks Were Over HTTPS
While HTTPS is generally considered a good thing for security because it provides encrypted data transport, it can also be used by attackers looking to breach an organization; 56 percent of attacks were over HTTPS.
3Shellshock Was a Top HTTPS Attack Vector
The Shellshock vulnerability, first disclosed in September 2014, was actively being exploited by attacks over HTTPS in the second quarter of 2015.
4SQL Injection Is the Top HTTP Attack Vector
Looking at regular HTTP Web traffic, SQL injection (SQLi) is the top attack vector, followed by local file inclusion (LFI).
5Most DDoS Attacks Are Infrastructure Layer
The vast majority (90 percent) of DDoS attacks targeted the infrastructure layer, while 10 percent affected the application layer.
6Large DDoS Affected Internet and Telecom
Ten out of twelve DDoS attacks of 100G bps or higher targeted the Internet and telecom industry. Among the largest DDoS attacks in the second quarter was a 249G-bps attack on April 3 that targeted an Internet and telecom company.
7Gaming Is a Top DDoS Target
While high-bandwidth DDoS attacks affected Internet and telecom organizations significantly in the second quarter, based on frequency, the gaming industry is still the most targeted overall, representing 35 percent of attacks in the second quarter.
88 in 10 Web Application Attacks Are Against the U.S.
While Web application attacks are a global problem, the United States remains the top target—representing 81 percent of attacks in the second quarter of 2015.
9DDoS Attacks Made in China
During the second quarter, Akamai reported that 37 percent of all DDoS attacks originated in China.