The number of web application attacks grew 69 percent, according to State of the Internet / Security Report released by Akamai Technologies.
Web application attacks rose 30 percent in the last quarter alone as compared to the second quarter of 2017.
There was a 217 percent year on year and 48 percent quarter on quarter increase in attacks sourcing from the U.S.
Cyber attackers utilized SQL injection (SQLi) attacks as a part of the significant rise of web application attacks. This attack vector increased 62 percent since last year, and 19 percent since last quarter.
The increase in web application attacks, particularly “injection” attacks like SQLi, should come as no surprise as the latest version of the OWASP Top 10 2017 that came out last week has “injection” (inclusive of SQLi) as the top ranked vulnerability category. This iteration is the first major update to the OWASP Top 10 since 2013, when “injection” also resided in the top spot.
Mirai malware strain, which uses Internet of Things (IoT) devices, was responsible for the largest attack seen in Q3 at 109 Gbps. The ongoing Mirai activity, coupled with the introduction of WireX, which commandeers Android devices, highlights the vast potential that exists for new sources of botnet armies.
“Our experience suggests that an army of new potential attackers comes online every day. Couple with that, the ubiquity of Android software and the growth in the Internet of Things are amplifying the risk/reward challenges that enterprises face to tremendous levels,” said Martin McKeay, senior security advocate and senior editor, State of the Internet / Security Report.
The use of Fast Flux DNS by botnets is examined, demonstrating why the use of rapidly changing DNS information helps attackers by making it harder to track and disrupt botnets and malware.
The number of DDoS attacks in Q3 increased by 8 percent quarter over quarter, highlighted by a 13 percent increase in the average number of attacks per target (36).
Germany, despite not being among the top five source countries for DDoS attack traffic in the previous quarter, had the largest number of attack traffic source IPs in Q3 – 58,746 – 22 percent of the global total.
Egypt, last quarter’s leader for DDoS attack traffic (44,198) fell out of the top 5 in Q3.
Australia suffered the third most web application attacks (19,115,151) despite not even registering in the top 10 in Q2.