UPDATED 08:30 EST / AUGUST 20 2024

SECURITY

Fastly report reveals 91% of cyberattacks now target multiple organizations

A new report out today from edge cloud platform provider Fastly Inc. has found that 91% of all cyberattacks now target multiple organizations using mass scanning to uncover and exploit vulnerabilities, up from 69% in 2023.

Based on data collected between April 11 and June 30 from Fastly’s Network Learning Exchange, Out-of-Band Domains and Fastly Bot Management, the report also found that along with 91% of attacks targeting multiple customers, 19% also targeted more than 100 different customers.

Of the IP addresses being used, 49% appeared for only one day, with the average being 3.5 days. Attacks were found to use internet protocol addresses for a short period to avoid detection, highlighting the importance of adaptive security controls.

By target, technology companies were found to account for the most targeted, with 37% of all attacks targeted at the sector, though down from 46% in 2023. Media and entertainment was in second place, attracting 21% of all attacks, followed by financial services at 17%.

Bots comprised more than one-third of internet traffic, coming in at 36% of all traffic observed, with the remaining 64% coming from human users. Though bot traffic can be attributed mostly to requests generated by automation tools, a significant portion of the bot traffic was found to be malicious or undesirable in nature, including account takeover attacks, ad fraud, carding and other nefarious users.

Some of the “unwanted” bots detailed in the report were also found to impersonate well-known benign bots to evade simple detection and carry out their intended activity, what Fastly calls “imposter bots.” Of the bots monitored, 75% of the bot traffic was classified as unwanted, whereas the remaining 25% consisted of verified wanted bots.

The report also covers out-of-band domain tooling, domains used by attackers outside the normal traffic flow to manage or exploit vulnerabilities. These domains are often used for activities like injecting malicious content, installing backdoors, or tracking compromised systems without detection.

The largest portion of out-of-band domains, 53%, were found to be self-hosted callback servers using open-source projects, such as Project Discovery’s interacts and Matthew Bryant’s XSS Hunter Express. “As a best practice, we recommend you monitor and track the usage of out-of-band domains to help identify compromised systems, detect ongoing attacks, and uncover attacker methodology,” the report notes.

Image: SiliconANGLE/Ideogram

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU