State of the Internet: Old botnet strikes again
The report, using data gathered from the Akamai Intelligent Platform, provides analysis of the current cloud security and threat landscape, as well as insight into seasonal trends.
Attacks greater than 100 Gbps increased 140 percent year-over-year from Q4 2015.
The largest DDoS attack in Q4 2016, which peaked at 517 Gbps, came from Spike, a non-IoT botnet that has been around for more than two years.
Seven of the 12 Q4 2016 mega attacks, those with traffic greater than 100 Gbps, can be directly attributed to Mirai.
The number of IP addresses involved in DDoS attacks grew significantly this quarter, despite DDoS attack totals dropping overall.
The United States sourced the most IP addresses participating in DDoS attacks – more than 180,000.
Web application attacks:
The United States remained the top source country for web application attacks, showing a 72 percent increase from Q3 2016.
SQLi, LFI, and XSS web application vectors accounted for 95 percent of observed web application attacks in Q4 2016, similar to Q3 2016.
The number of web application attacks in Q4 2016 was down 19 percent from Q4 2015; however, research into retail traffic over the United States Thanksgiving holiday week revealed an upward trend for four sub-vertical that all suffered from significant web application attacks. ■