INFRA
INFRA
INFRA
Trillions of botnet requests drive massive rise in malicious login attempts
Trillions of botnet requests have driven a massive increase in credential abuse, with more than 40 percent of login attempts found to be malicious, according to a newly published report.
The number comes from Akamai Technologies Inc.’s Fourth Quarter 2017 State of the Internet/Security Report, which detected a staggering 7.3 trillion botnet requests per month.
That headline number breaks down to even more remarkable figures, with Akamai now detecting 2,750 bot requests per second every day. They account for more than 30 percent of all pure web traffic (excluding video streaming) across its monitoring platform.
“Increased automation and data mining have caused a massive flood of bot traffic to impact websites and Internet services,” Martin McKeay, senior security advocate and the senior editor of the report, said in a statement. “Although most of that traffic is useful for Internet businesses, cybercriminals are looking to manipulate the powerful volume of bots for nefarious gains.”
The rest of the report highlighted other disturbing trends as cybercriminals continue to increase their hacking efforts. Hackers were detected in the quarter to be activity turning to exploit remote code execution vulnerabilities in enterprise-level software to make enterprise systems part of the botnet threat. In one example given, hackers were said to be exploiting vulnerabilities in the GoAhead embedded HTTP server, which has 700,000 potential targets, along with the Oracle WebLogic Server.
Distributed denial-of service-attacks were found to have increased 14 percent from the same time last year, with Akamai finding a spike of nearly 1 million unique IP addresses linked to the Mirai botnet. That’s despite its original creators pleading guilty to their role in the creation and distribution of the botnet in December.
Interestingly, the hospitality industry is cited in the report as the biggest target of fraudulent credential attacks. Some 82 percent of their login attempts were from malicious botnets. The financial industry saw a sharp increase in the number of DDoS attacks, experiencing 298 attacks against 37 distinct organizations last quarter.
Akamai said it detected 146 petabytes of botnet traffic in November and 145 petabytes in December of bot traffic alone, approximately 550 megabits per second of botnet traffic.
“Enterprises need to watch who is accessing their sites to differentiate actual humans from both legitimate and malicious bots,” McKeay added. “Not all web traffic and not all bots are created equal.”
A full copy of the report is available for free via this link.
Image: christiaancolen/Flickr
A message from John Furrier, co-founder of SiliconANGLE:
Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.
- 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
- 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About SiliconANGLE Media
SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — with flagship locations in Silicon Valley and the New York Stock Exchange — SiliconANGLE Media operates at the intersection of media, technology and AI.
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
