SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
Akamai researches top three internet security threats
Fri, 10th Jun 2022
FYI, this story is more than a year old

Akamai Technologies has released three new research reports focusing on three of the most critical areas of web security: ransomware, web applications and APIs, and DNS traffic.

The Akamai Ransomware Threat Report looked at the rise of Ransomware-as-a-Service (RaaS) attacks, including from the Conti ransomware gang.

It found that Australia is the seventh most targeted country for Conti ransomware attacks, with 60% of successful attacks conducted on United States companies.

The report found most successful Conti attacks target businesses with $10-250 million in revenue, indicating a “goldilocks” range of successful attack targets among medium and small businesses.

Akamai says the gang's tactics, techniques, and procedures (TTPs) are well-known but are highly effective.

The company says Conti's emphasis in their documentation on hacking and hands-on propagation, rather than encryption, should drive network defenders to focus on those parts of the kill chain instead of focusing on the encryption phase.

The Akamai Web Application - API Threat Report found significant increases in web application and API attacks across the globe in the first half of 2022, with more than nine billion attack attempts to date.

Web application attack attempts against customers grew by more than 300% year over year in H1, the largest increase Akamai has ever seen. Akamai says Australia accounts for 7.8% of web application and API attacks.

It says LFI attacks now surpass SQLi attacks as the most predominant WAAP attack vector, increasing by nearly 400% year over year. Commerce was the most impacted vertical, accounting for 38% of recent attack activity, while technology has seen the most growth so far in 2022.

The Akamai DNS Traffic Insights Threat Report analysed more than seven trillion DNS queries every day. It found about one out of ten monitored devices communicated at least once to domains associated with malware, ransomware, phishing or command and control.

Akamai says phishing traffic showed that most victims were targeted by scams that abused and mimicked technology and financial brands, which affected 31% and 32% of the victims, respectively.

According to research that analysed more than 10,000 malicious JavaScript samples representing threats like malware droppers, phishing pages, scammers and cryptominers' malware — at least 25% of the examined samples used JavaScript obfuscation techniques to evade detection.

Akamai's senior director of security research Ofri Ziv says these new reports offer a detailed look into some of the most pressing security issues facing organisations today.

“Akamai's unparalleled visibility across much of the global threat landscape allows our researchers to analyse and correlate events that are seldom seen by other groups,” he says.

“We hope to help the community understand where threat actors are focused and how to better protect themselves from new threats as these threats continue to evolve.”