Malicious bots that abuse stolen credentials remain one of the biggest threats to online businesses.
This is according to a new report by Akamai, based on the analysis of almost 112 billion bot requests and 3.9 billion malicious login attempts targeting travel and hospitality industries.
Almost 40 per cent of the traffic across hotel and travel sites is labelled as “impersonators of known browsers”, which is a known vector for fraud.
These attacks originate mostly from Russia, China and Indonesia, it was said, with roughly half of all traffic coming from these countries.
“These countries have historically been large centres for cyberattacks, but the attractiveness of the hospitality industry appears to have made it a significant target for hackers to carry out bot-driven fraud,” said Martin McKeay, Senior Security Advocate, Akamai and senior editor of the State of the Internet / Security report.
Even though DDoS attacks are the most common method of attack, there are other types of activities that are gaining popularity. One of those is the attack through group chats on STEAM and IRC. Instead of bots, these include human volunteers. Then, there’s the method in which malicious actors overwhelm DNS servers with bursts lasting several minutes.
“Both of these attack types illustrate how attackers are always adapting to new defences to carry out their nefarious activities,” said McKeay. “These attacks, coupled with the record-breaking 1.35 Tbps memcached attacks from earlier this year, should serve as a not-so-gentle reminder that the security community can never grow complacent.”
Image Credit: Profit_Image / Shutterstock