DDoS Attacks on The Rise: Increased 132% In Q2 2015, HTTPS Most Targeted

Must Read

Free Netflix in India: A Result of Slow Growth In Q3 2020?

Netflix is testing a new strategy that could lead to free Netflix in India. The online streaming...

Jio Pages: The Indian Browser Reliance Is Betting On Now!

Looks like Reliance wants to establish Jio as a synonym of technology. After launching a fleet of...

Flipkart, Amazon Hurtle To Secure Their Slice in Aditya Birla Fashion

The battle conch for the festive season has already been blown. Now in a bid to take...

Cloud computing has become a data-haven today. Owing to its easy accessibility and reduced cost, it is one of the widely used means to store data in most of the IT firms. Cloud computing, though, depends completely on Internet connectivity, Internet design, unfortunately, does not have the high levels of expected security.

Distributed Denial of Service attack, widely known as DDoS attack, is the primary threat to cloud computing. The DDoS attacks attempt to make the online data unavailable by redirecting overwhelming traffic, from multiple resources. The trend of the attacks is changing across quarters. In Q2 2015, the attack, though less powerful, lasted longer, as stated in The State of the Internet – Security Report by Akamai.

DDOS attacks witnessed an increase of 132.43% in Q2 2015 compared to the second quarter last year, with China being the top source of the attack, accounting for 37.01%, followed by the US and the UK. China is the biggest perpetrator as well as the target of these attacks. Brazil emerged as the new hub of hackers accounting to 11% of all attacks.

Advertisements

Interestingly, from another report by Incapsula, the longest attack ever reported in this quarter, was for sixty-four days.

Top countries source DDos Attack Q2-2015

The Akamai report, on the other hand, claims that the largest DDoS attack happened at 240 gigabits per second, which continued for more than 13 hours. However, the peak bandwidth attack existed only for around two hours.

The Q2 report by Akamai claims the Gaming Sector to be the worst hit, with more than 35% of attacks faced by it. The sector is followed by Software and Technology at 28%, and Internet and telecom at 13%. Besides, from the financial services, Banks and trading platforms accounting for 8% of attacks and see few larger attacks of 100+Gbps of the quarter. Most of the individual customer attacks in the financial services industry are found to be Shellshock attacks. However, an article at TCS website claims Banking industry is the main victim of attacks, struggling to counter them. Devising a strategy though may not be an easy job, as no two DDoS attacks are alike.

The report also focuses on common nine web application attack vectors. The new types of attacks are cross-site scripting (XSS) and Shellshock. The older attacks include JVMi, SYN, SSDP, SQLi and LFI. SQLi, which is up by 75% from the last quarter and accounts for 26% of all attacks. On the other hand, LFI (Local file infusion) attack dropped significantly to only 18%in the second quarter.

Surprisingly, HTTPS enabled sites, where data is transmitted over a secured connection in an encrypted mode, have been the target of 56% of the total attacks as compares to 44% of attacks on the HTTP (non-secured connection)  sites, report reveals. This is really surprising considering the fact that most of websites, which are offering transactional services are highly targeted by hackers. Thus, HTTPS can not be considered as secure as it was originally thought.

Advertisements

DDoS HHTP vs HTTPS

Though the Q1 report of Akamai on Internet security pointed to third-party plugins to be the malicious actors and explained the same, the Q2 report has taken the widely used data exchange platform WordPress for a case study. The Q2 report reveals 49 prior unknown vulnerabilities due to the third-party WordPress plugins. The report also recommended that site owners must research the plugins prior to utilizing and to ensure the security of the plugin.

The Tor project ensures the anonymity of the website users, that employs an onion routing method, with a separate entry and exit nodes.  The onion routing makes it easy to peep through the network and attack the websites. The Retail industry remains to be the most targetted victim of Tor attacks. Financial services and high technology follow the retail industry in terms of the number of attacks from Tor.

A glimpse into future of internet security

The rising internet security threats pose a new challenge. It is vital to acquire unparalleled data in regard to the security features of the web application used. Additionally, effective engagement of software and hardware is a prior requirement. From the findings of Akamai report, it is evident SYN and SSDP vector attacks are the most threatening ones. Here are few takeaways to keep your network safe.

  • Home-based networks being the favorite target of attacks to keep away these networks from the attacks it is necessary to employ a properly configured home firewall.
  • Universal Plug and Play (UPnP) devices connected to home networks are vulnerable to the attacks. The home user can always disable the UPnP devices on the router and the other devices facing the public that do not require the router connection.
  • In case of device manufacturers, it is required to push the firmware of the UPnP device complementing to the LAN network it is used.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest News

Huawei All Set To Bid Adieu To Smartphone Market?

The effects of the US ban on Huawei, along with a few other Chinese companies, have started...

Tata Group To Acquire 50% Stake In BigBasket: A Winning Edge Against JioMart?

The Tata Group has apparently found its winning edge against Ambani's JioMart and might add this newfound opportunity to their shopping list...

Amazon Locks Head With The Music Industry: Twitch Letting Streamers Use Unlicensed Music!

The global e-commerce giant Amazon.com, Inc. (NASDAQ:AMZN) has upset the biggies of the music industry as one of its acquisitions have been...

Mobile Internet Speed In India: From Bad To Worse [REPORT]

Languishing. And la…g…g…i…n…g. The sorry state of the desi internet in India. In a rather sad turn of events,...

Google Boots Out 3 Immensely Popular Android Apps from Play Store: Questions About Content Policing Resurface

With such a flourishing wilderness of Android apps on the Google Play Store, there is every likelihood of encountering something seemingly innocuous...

Reliance Future Group Deal In The Soup: SIAC Orders To Put The Deal On Hold

When Reliance agreed to acquire Future Group for $3.4 billion, recently, the share of Reliance Industries Limited rallied on the stock market....

In-Depth: Dprime

Will ‘TikTok By Microsoft’ Be A Winner?

For the last two years, TikTok has been in the public eye for all sorts of reasons. First, it was the exploded...

Facebook Subscription Model: Looking Beyond Ad Dollars?

Seldom do job listings create a stir this gripping. However, when the job listing in question is a stealth post from Twitter,...

Will The Online Food Delivery Market in India End Up Becoming A Two-Horse Race?

It's pretty much evident that the food delivery space in India is all set to get riled up soon enough as one...

More Articles Like This