Australia has continued its rise as a source of distributed denial of service (DDoS) attacks, according to new figures from Akamai that have also highlighted a likely massive threat to retailers in the leadup to the critical holiday shopping season.
John Summers, vice president of Akamai's Cloud Security Business Unit, attributed the surge to the “easy availability of DDoS-for-hire sites that identify and abuse exposed Internet services”.
HTTP web application attacks, for example, increased by more than 96 percent from the previous quarter while PHP injection attacks jumped 238.98 percent, SQL injection attacks jumped 21.64 percent and local file inclusion attacks jumped 204.73 percent.
Attacks against SSDP, which is used by Universal Plug and Play (UPnP) devices in homes, comprised 14.6 percent of all attacks – the second largest DDoS vector. This trend reflects growing concerns about the lack of security in http://www.cso.com.au/
Only HTTPS web application attacks decreased, with a 79.02 percent slide attributed to a return to normal after a surge in HTTPS attacks in the wake of attacks leveraging the high-profile http://www.cso.com.au/
The report had ominous implications for retailers, who were targets in 55 percent of the observed DDoS attacks – far ahead of second-place financial services (14.7 percent), media and entertainment (7.99 percent) and public-sector (7.24 percent) organisations.
The threat to retailers couldn't come at a worse time, with http://www.roymorgan.
Interruptions to those sales could have catastrophic consequences for retailers, who already face a barrage of complications from new forms of malware: FireEye, for one, recently http://www.cso.com.au/
Akamai dealt with 1510 DDoS attacks during the quarter – a 180 percent jump over the same period a year ago and 23 percent up from Q2. Online gamers were the most frequently hit with DDoS attacks, while the media and entertainment industry faced the largest DDoS attacks – including an attack that hit its target with what Akamai says is a “record-breaking” 222 million packets per second.
That compared with an overall average DDoS intensity of 1.57 million packets per second. “An attack of this size could bring down a tier 1 router, such as those used by Internet service providers,” Akamai's analysis noted.
Earlier this year, the firm's ongoing monitoring of DDoS trends saw http://www.cso.com.au/