Web users are being bombarded with a significant rise in online attacks hijacking web-based applications, new reports have claimed.
The latest State of the Internet security report from Akamai, covering the third quarter of 2017, has revealed a 69 per cent raise in web application attacks during the last quarter compared to the previous year, with attacks increasing 30 per cent year-on-year in the last quarter alone.
Perhaps surprisingly, the bulk of the attacks appear to be coming from Western sources, with the study observing a 217 per cent in attacks coming from the U.S. in the last year, with an increase of 48 per cent in the last quarter as compared to the prior one.
Elsewhere, the report noted that the number of DDoS attacks in Q3 2017 increased by eight per cent compared to the previous quarter, highlighted by a 13 per cent increase in the average number of attacks per target (36).
Perhaps more alarmingly, the report also warns that large-scale IoT botnet threats like last year's Mirai attack, could be set to return as more and more connected devices are sold worldwide.
In fact, Mirai is still operational, the report says, and was in fact responsible for the largest attack seen in Q3 2017, coming in at 109GBps. This, coupled with the increasing presence of the WireX malware, which attacks and takes control of Android-powered devices, could mean that a new large-scale botnet attack is not far away. With many new IoT-enabled or connected smart devices set to arrive in homes and businesses following the holiday period, such an assault could be sooner than we think.
“The lure of easy access to poorly-secured end nodes and easily-available source code make it likely that Mirai-based attacks won’t be fading in the near future,” said Martin McKeay, senior security advocate and senior editor, State of the Internet / Security Report.
“Our experience suggests that an army of new potential attackers comes online every day. Couple with that, the ubiquity of Android software and the growth in the Internet of Things are amplifying the risk/reward challenges that enterprises face to tremendous levels.”
“It would not be surprising if, during this holiday season, we see new attacks such as those based on IoT devices or mobile platforms.”