Akamai Releases Third Quarter 2016 State of the Internet / Security Report

Q3 report highlights a 138 percent YoY increase in total DDoS attacks greater than 100 Gbps with two record DDoS attacks caused by the Mirai Botnet Web application attacks decreased by 18 percent YoY; 20 percent of all web application attacks in Q3 originated from the United States

Cambridge, MA |

Akamai Technologies, Inc. (NASDAQ: AKAM), the global leader in content delivery network (CDN) services, today released its Third Quarter, 2016 State of the Internet / Security Report. The report, using data gathered from the Akamai Intelligent Platform, provides analysis of the current cloud security and threat landscape, including insight into two record setting DDoS attacks caused by the Mirai botnet.

Download the latest State of the Internet / Security Report for data, analysis, and graphics.

“Every couple of years the industry faces what could be considered ‘harbinger attacks’, where the size and scope of a security event are radically different than what has come before. I believe the industry faced its latest ‘harbinger’ with the Mirai botnet,” explained Martin McKeay, senior security advocate and senior editor, State of the Internet/Security Report. “The Mirai botnet also made concrete the industry’s fear that Internet of Things (IoT) and other Internet connected devices could be used for both web application and DDoS attacks, illustrating the need for device manufacturers to place a greater emphasis on security.”

From an historical perspective, Election Day traffic on Akamai in 2004 peaked at a relatively modest 21 Gbps. The 2009 Obama inauguration reached 1.1 Tbps and the Royal Wedding in 2011 hit 1.3 Tbps. More recently, the first 2016 Presidential debate peaked at 4.4 Tbps in September.

Highlights from Akamai’s Third Quarter, 2016 State of the Internet / Security Report include:

DDoS Attacks

  • The two largest DDoS attacks this quarter, both leveraging the Mirai botnet, were the biggest observed by Akamai to-date – recorded at 623 Gbps and 555 Gbps.
  • Compared to Q3 2015, total DDoS attacks increased 71 percent in Q3 2016.
  • During the third quarter, Akamai mitigated a total of 4,556 DDoS attacks, an eight percent decrease from Q2.
  • There were 19 mega attacks mitigated in Q3 that peaked at more than 100 Gbps, matching the Q1 2016 highpoint.
  • Q3 2016 showed that NTP reflection attacks are apparently becoming a less viable option for attackers. The average size of an attack relying solely on NTP reflection is approximately 700 Mbps, a significant drop from the June 2014 average of more than 40 Gbps.

Web Application Attacks

  • Q3 2016 showed an 18 percent decrease in total web application attacks from Q3 2015.
  • In Q3 2016, web application attacks sourced from the United States decreased by 67 percent from Q3 2015.
  • Brazil, the top country of origin for all web application attacks in Q2 2016, experienced a 79 percent decrease in attacks this quarter. The United States (20 percent) and Netherlands (18 percent) were the countries with the most web application attacks.
  • Web application attack metrics measured around major sporting events suggest malicious actors may take time off to watch their favorite teams. For example, on the day that France played Portugal in the European soccer championship, there was a 95 percent decrease in attacks sourcing from Portugal (20 attacks) as opposed to a day one month later (392 attacks). On the same day in France, there were 50,597 attacks as compared to 158,003 one month later – a 68 percent difference.

Spotlight on Attack Vectors

  • UDP fragments and DNS reflection attacks were the two most common vectors in Q3, accounting for 44 percent of all vectors – an increase of 4.5 percent from Q2.
  • Application layer attacks drove just 1.66 percent of all DDoS attacks, likely because of the level of technical knowledge needed to execute them. Infrastructure layer attacks are much easier to launch with point-and-click tools.

A complimentary copy of the Q3 2016 State of the Internet / Security Report is available for download. Download individual figures, including associated captions here.

For a detailed analysis on Mirai, please see section 2.4 of the report.

Akamai について

コンテンツ・デリバリー・ネットワーク(CDN)サービスのグローバルリーダーとして、Akamai は、インターネットを高速、安全、信頼できるものとしてお客様がご利用いただけるようにします。Akamai の先進的なウェブパフォーマンス、モバイルパフォーマンス、クラウドセキュリティおよびメディアデリバリーの各ソリューションは、デバイスと場所を問わず、コンシューマー体験、エンタープライズ体験、およびエンターテイメント体験を企業が最適化する方法を大きく変化させています。Akamai のソリューションとそのインターネット専門家チームが、企業のより速い進歩にいかに貢献しているかについて、www.akamai.com/jp/ja/ または blogs.akamai.com/jp/ および Twitter の @akamai_jp で詳細をご紹介しています。