Akamai’s Q1 2016 State of the Internet – Security Report has found that “mega attacks” hit record levels during the quarter, with the retail and gaming industries hardest hit with web application and DDoS attacks.Akamai states that during the quarter it mitigated more than 4,500 DDoS attacks, a 125 per cent increase year-on-year and up 22.5 per cent from the previous quarter.
Of the attacks, 55 per cent targeted gaming companies, with 25 per cent targeting the software and technology industry.
The quarter saw a record for the number of DDoS attacks exceeding 100 Gbps, totalling 19, with the previous record of 17 set in the 2014 third quarter, while in the previous quarter there were only five mega attacks.
Web application attacks were up nearly 26 per cent on the previous quarter, and, as in past quarters, the retail sector remained the most popular attack target, being targeted in 43 per cent of the attacks.
For the first time including an analysis of bot activity in the report, looking at bot activity over 24 hours, Akamai tracked and analysed more than two trillion bot requests, with identified and known, so-called good bots, representing 40 per cent of the bot traffic, while 50 per cent of the bots were determined to be malicious, engaged in scraping campaigns and related activity.
“We have continued to witness significant growth in the number and frequency of DDoS and web application attacks launched against online assets, and Q1 2016 was no exception,” Stuart Scholly, Akamai senior vice president and general manager, security business unit, commented.
“Interestingly, nearly 60 per cent of the DDoS attacks we mitigated used at least two attack vectors at once, making defense more difficult.
“Perhaps more concerning, this multi-vector attacks functionality was not only used by the most clever of attackers, it has become a standard capability in the DDoS-for-hire marketplace and accessible to even the least skilled actors.”