Cyber attacks are increasing in frequency, methods of attack, efficacy and source countries, as revealed in Akamai’s Q3 2015 State of the Internet – Security Report released recently.
Denial of Service (DDos) attacks remain a growing and constant threat, although Akamai’s latest finding show that attackers are now using smaller and shorter attacks to overcome their intended target’s defenses. This poses a significant cloud security risk in particular given the increasing number of key services that are online in Asia and the rest of the world, Akamai said.
Globally, the trend of cyber attacks has increased by 35% to 45% over the last five years. Rising yearly, these threats have seen Government and companies increasing their annual information security budget by 15% to 28%. Akamai said a recent security survey, found that at least a third of global organisations polled still lacked confidence in their ability to detect sophisticated cyber-attacks and manage them.
This trend is reflected locally as well, with statistics from Cyber Security Malaysia’s (CSM) emergency response team and the Malaysian Computer Emergency Response Team (MyCert) showing that there has been an increase in cyber attacks on Malaysian websites since 2012. In 2014, there were a reported 11,918 cases compared to 9,986 reports in 2012 – an increase of 20% in just under 2 years.
This is especially relevant given Malaysia’s position as a leading financial and banking growth market, coupled with the fast rising Internet business and services based ecosystem here. The Government’s recent commitment in Budget 2015/2016 to an investment in Internet infrastructure is also key as it opens new opportunities for consumers and businesses – but increases the threats that they may face online.
Highlights of Q3 SOTI – Security Report
- Akamai mitigated a record 1,510 DDoS attacks, a 180% increase over Q3 a year ago; and 23% more than last quarter
- Q3 data shows the United Kingdom as the top source country for DDoS attacks, responsible for 26% of attacks. China was the second- most prolific source country at 21%, the United States came in third (17%), and India and Spain tied for fourth at 7%
Web application attack activity
- The percentage of web application attacks sent over HTTP vs. HTTPS returned to a more typical level (88% via HTTP, 12% via HTTPS)
- The use of web application attacks over HTTPS is likely to rise as more sites adopt TLS-enabled traffic as a standard security layer.
- Attackers may also use HTTPS in an attempt to penetrate back-end databases, which are typically accessed from applications served via HTTPS
- The latest quarter has shown that the financial industry – which includes major financial institutions such as banks, insurance companies, payment providers and trading platforms – experienced about the same percentage of all attacks as in q2—8%. IT has however recently been the focus of various extortion attempts, and the group DD4BC led the way with multiple extortion and DDoS attacks against financial services.
- This is particularly relevant to Malaysian banks that are expanding and consolidating their positions here and regionally as they– like other Asian banks in a market estimated to be worth over USD900 billion in retail banking by 2020 – face an increasing threat from malicious individuals and organisations that are becoming increasingly sophisticated.
- Akamai’s most recent findings also reveal that more ASEAN based companies are becoming the focus for attacks and Malaysian firms are becoming more vulnerable to cyber attacks. Reportedly, it would cost a minimum of US$50,000 (over RM200,000) to recover from a single attack, while larger ones can face up to millions in Ringgit.
- The online gaming sector was hit particularly hard in Q3 2015, accounting for 50% of the recorded DDoS attacks. Gaming was followed by software and technology, which suffered 25% of all attacks. Internet and telecom was hit by 5% of attacks, a drop from 13% last quarter
- It’s interesting to note that online gaming has remained the most targeted industry since Q2 2014. A rapidly growing market that some analysts forecast will exceed USD100 billion by 2017, it is increasingly a growth and target market for developers and malicious sources alike globally and in Asia
Looking Forward, according to Akamai
- As the number of devices, vulnerabilities and users increases it is likely that cloud providers will remain the biggest trouble spot unless they do more to improve their internal security procedures.
- New attackers are also making their presence felt with distributed denial denial of service attacks expected to remain a popular weapon of choice for attackers
- Expect the heavy barrage of DDoS attacks against the gaming industry to continue, as players keep looking for an edge over competitors, and security vulnerabilities in gaming platforms continue to attract attackers looking for low-hanging fruit.
- Financial services will also remain a top target given the myriad opportunities malicious actors have to extract and monetize sensitive data.
- We will also continue to see malware in ads and third-party service attacks as attackers continue to increase
- We expect retailers to continue to suffer the vast majority of web application attacks given the potential financial gains for attackers
[Download PDF]: Akamai State of the Internet (SOTI) – Security: Q3 2015 Report