2019 State of the Internet / Security: 2019 — A Year in Review
2019 was a big year in security. While major media made headlines out of Facebook breaches and ransomware attacks, security professionals worked behind the scenes to fend off vulnerabilities, bots, and other threats. In our new report, State of the Internet / Security: 2019 — A Year in Review, we reexamine some of the year’s most important developments, with particular attention to research from Akamai’s Security Intelligence Response Team (SIRT). We’ll also update many of the charts that we published in 2019, including those relating to DDoS targets, credential stuffing, and web application attack vectors. Download the report now.
2019 State of the Internet / Security: Phishing - Baiting the Hook
Despite waves of user training and endpoint defenses, phishing still works. Verizon reports that 32% of all data breaches and 78% of cyber-espionage incidents involved some form of phishing. Today, criminals use phishing kits, sold on the dark web, to better impersonate well-known brands. Mobile devices and social media help attacks propagate more quickly. Sometimes phishing sites evade detection by hiding on legitimate websites and servers. Our new report, State of the Internet / Security: Phishing — Baiting the Hook, shows you how this oldest of cyberattacks has evolved to ensnare even the savviest security teams and users. Download it now.
2019 State of the Internet / Security: Media Under Assault
Average daily web attacks against technology and media companies almost doubled between January 2018 and June 2019. In this same period, 35% of all credential stuffing attacks targeted these verticals. For this new State of the Internet / Security report, we look at the sources, techniques, and trends in this growing threat. You’ll see what 98% of web attacks against media and technology sectors have in common. And why video media attracts more credential stuffing attacks than any other vertical. You’ll also learn about the unique security challenges that streaming media companies face, including a shortage of security talent.
2019 State of the Internet / Security: Financial Services Attack Economy
Attacks on financial services institutions are growing in both quantity and sophistication. Our new State of the Internet / Security report studies criminal behavior across this advanced and expansive financial services attack economy: from a popular authentication mechanism for staging credential stuffing attacks to the use of stolen identities to cash out ill-gotten gains. The report identifies leading DDoS and application-layer attack vectors, lucrative phishing variants, and how criminals stage decoy attacks to distract from their real targets. Attacks that prove successful in financial services often move on to other industries. Download the report, and see what petabytes of data tell us.
2019 State of the Internet / Security: Web Attacks and Gaming Abuse
Criminals go where the money is. And these days, there’s real money to be stolen in the virtual world of gaming. Our latest State of the Internet / Security report delves into the growing popularity of credential stuffing attacks against the gaming industry. In one 17-month period, we counted 12 billion attacks. We went over to the darknet and found some surprising reasons why. We also found another surprise in our study: Two vectors account for nearly 90% of all web application attacks. Also in this issue, Akamai CMO Monique Bonner shares three unexpected observations about security professionals.
2019 State of the Internet / Security: Credential Stuffing - Attacks and Economies (Special Media Report)
This special issue of the “State of the Internet / Security” report focuses on the hundreds of millions of credential stuffing attacks that occur each day, especially those aimed at video, gaming, entertainment, and other media organizations. The report describes tools and tutorials available online at little or no cost to criminals seeking to exploit stolen username/password or email/password combinations, including All-in-One (AIO) applications such as SNIPR. It also looks at the thriving darknet marketplaces for stolen accounts, a virtual shopping mall for credential abuse attackers. Akamai security researchers also recommend methods to reduce the threat of credential stuffing attacks.
2019 State of the Internet / Security: Retail Attacks and API Traffic
This issue of State of the Internet / Security provides insightful security research and intelligence into three security risks many organizations may overlook. First, a survey of API traffic reveals that APIs now account for 83% of all hits, while HTML traffic has fallen to 17% of traffic. Second, research into DNS traffic reveals that IPv6 traffic may be underreported; many systems capable of IPv6 still show a preference for IPv4. Lastly, our look at credential abuse and the botnets that abuse retailer inventories shows that this is a rising problem that needs attention.
2019 State of the Internet / Security: DDoS and Application Attacks
Sometimes a DDoS or web application attack isn’t. We saw 875,000 POST requests per second targeting a customer in Asia and uncovered the real cause — so you can avoid it. The State of the Internet / Security DDoS and Application Attacks report provides insightful security research and intelligence. Learn about the evasion tactics attackers use to circumvent bot management defenses. We mined job postings to identify the skill sets they seek to help you understand your threat environment. Take time out for mental health with information on how mitigate the risk of stress and burnout in your security team.