Australia is the world's second most-attacked Web target: Akamai

Australia continues to punch well above its weight as a target for online attacks, with new figures from content distribution network Akamai putting us second in the world – behind only the United States – as a target for online Web attacks.

Figures in Akamai's Q1 2015 State of the Internet security report, the latest in a series of quarterly reviews of some 10TB of attack data picked from traffic along Akamai's network, found that Australian sites were targeted in 2.27 percent of attacks. This put the country ahead of the UK (2.18 percent), Japan (1.8 percent), India (1.49 percent), Canada (1.26 percent) and Korea (1.07 percent).

Interestingly, New Zealand – which often mirrors Australian trends – was nowhere to be seen in the top 10, registering less than a third of Australia's proportion of attacks.

The figures pale by comparison to those for the US, which according to the figures received 81.61 percent of all attacks. That's consistent with other surveys of recent security activity, which have found Australia is particularly susceptible to ransomware attacks – with the new CryptoWall 3.0, in particular, proving to be twice as effective against ANZ targets than anywhere else in the world – despite being relatively good at avoiding mobile and other forms of malware.

Vulnerabilities in SSLv3, including POODLE, Shellshock and Heartbleed, drove Akamai to recommend that users disable SSLv3 where possible.

The company also offered detailed analysis of distributed denial of service (DDoS) attacks, with eight 'mega attacks' of up to 170Gbps intensity leveled against Akamai customers during the first quarter. Five of those attacks came in the last week of March alone.

Compared with the same quarter a year ago, the volume of DDoS attacks increased by 117 percent and the volume of infrastructure layer attacks increased by 125 percent. Average attack duration increased by 43 percent, although a 39 percent decrease in average peak bandwidth and 89 percent decrease in average peak packets per second.

“Typical DDoS attack profiles are shifting, with a decrease in bandwidth but an increase in frequency and duration,” the report's authors noted.

“Though the average DDoS attack is not high bandwidth, attackers have developed methods to make 100+ Gbps attacks easier and accessible in the DDoS-for-hire market.”

Read more: Fortinet eyes local growth as new MD digs in the spurs

By contrast, earlier reports suggested DDoS attacks against Australian targets were increasing in intensity but lasting half as long as the regional average.

The type of DDoS attacks shifted considerably compared with the same period in 2014, with NTP attacks down from 16.61 percent of all attacks to just 6.87 percent and DNS (8.95 percent down to 5.93 percent), ICMP (9.82 percent to 3.59 percent) and HTTP POST (2.37 percent down to 0.70 percent) based attacks among those seeing a dramatic fall-off.

Attacks against SSDP, on the other hand, did not register in 2014 but comprised 20.78 percent of all attacks in the first quarter of this year. UDP flood attacks also grew, from 10.36 percent to 13.25 percent of attacks, while CHARGEN attacks equally increased from 3.45 percent to 5.78 percent.

Russia, Korea, the UK, India, Germany and China all surged as sources of DDoS attacks from the fourth quarter of 2014, while the US actually plummeted as a DDoS source – from 31.54 percent of attacks in the previous quarter to just 12.18 percent of attacks in the first quarter of this year.

This article is brought to you by Enex TestLab, content directors for CSO Australia.

Feeling social? Follow us on Twitter and LinkedIn Now!

Join the CSO newsletter!

Error: Please check your email address.

Tags dataShellshockNew ZealandPOODLEHeartbleed#CSOAustralia(DDoS) attacksCSO AustraliaUnited StatesWeb targetakamai

More about CSOEnex TestLab

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by David Braue

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts