Security Experts:

Akamai: China, DDoS Attacks Were Biggest Security Threats In Q4 2012

China and DDoS attacks were the two biggest security threats that organizations had to fend off during the last quarter of 2012, Akamai Technologies said in its State of the Internet report, released Tuesday.

The report takes gathered from Akamai's massive infrastructure and provides insights into global Internet statistics including network speeds, attack traffic, and threat analysis.

More than 700 million unique IPv4 addresses from 240 countries and regions connected to Akamai's Intelligent Platform during the fourth quarter of 2012, according to the report. Since one single IP address could represent multiple individuals in some cases, Akamai estimated the number of unique Web users were well over a billion. Akamai also noted that mobile data traffic doubled from the fourth quarter 2011 to fourth quarter 2012.

Industry Sectors Hit Most Often by DDoS AttacksDistributed denial of services attacks more than tripled from the previous year, with customers reporting 768 DDoS attacks over the fourth quarter, Akamai said. Commerce customers were the most targeted, accounting for over a third of the attacks, following by media and entertainment companies at 22 percent. Enterprises, which include financial institutions, were hit by 20 percent of the attacks, high tech firms were subjected 14 percent of the tie, and public sector agencies were affected the least, with just 9 percent.

The report included only those attacks which were serious enough to require human intervention to mitigate the attacks. Lower-level attacks which customers were able to handle on their own were not included in the report.

Interestingly enough, Akamai reported DDoS attacks from 413 unique organizations, indicating that several of its customers had been targeted multiple times. There were 72 attacks against financial services organizations, which is no surprise considering the wave of large DDoS attacks that paralyzed major banks including Bank of America, JPMorganChase, Capital One, US Bank, and others.

Retailers were especially tempting targets for DDoS attacks because an attack on their Web site typically has direct financial impact on their bottom line, Akamai said. This is especially true during the holiday season, the company said.

"In many ways, DDoS has become the weapon of choice for multiple types of attackers, from political activists to criminals, and potentially even nation-states," Akamai said. Attackers are changing their tactics, making it harder for organizations to defend themselves, the company said.

Akamai also examined Internet disruptions in Syria, Bangladesh, and Senegal during the quarter. China remained the largest source of cyber-attacks, with nearly 41 percent of observed attack traffic originating in that country, Akamai found.

China was also the top source during the third quarter, accounting for 33 percent of attack traffic. Attacks originating in the United States dropped slightly to 10 percent over the quarter. Turkey, Russia and Taiwan rounded out the remainder of the top 5 originating countries.

Source of Cyber Attacks in Q4 2012

The fact that China remained at the top of the list isn't so surprising. Earlier this year, Mandiant released a hefty report outlining evidence its researchers had gathered linking an "overwhelming" number of cyber-attacks to China, even to a specific military group. Even the Verizon's 2013 Data Breach Investigation Report called out China for cyber-espionage and other targeted attacks. Verizon claimed China was behind 30 percent of data breaches in its report.

"Looking at the full year, China has clearly had the most variability (and growth) across the top countries/regions, originating approximately 16 [percent] of observed attack traffic during the first half of 2012, doubling into the third quarter, and growing further in the fourth quarter," Akamai said.

Verizon’s 2013 Data Breach Investigations report also highlighted security threats traced to China, noting that state-affiliated actors tied to China were the biggest movers in 2012, with intellectual property theft consisting almost 20 percent of the breaches examined in its report.

view counter
Fahmida Y. Rashid is a Senior Contributing Writer for SecurityWeek. She has experience writing and reviewing security, core Internet infrastructure, open source, networking, and storage. Before setting out her journalism shingle, she spent nine years as a help-desk technician, software and Web application developer, network administrator, and technology consultant.