This article first appeared in The Edge Financial Daily, on June 9, 2016.
KUALA LUMPUR: Global businesses, especially in rapidly growing economies like Malaysia and Southeast Asia, are facing growing threats of distributed denial of service (DDoS) attacks, according to Akamai Technologies Inc in a statement yesterday.
The statement came in conjunction with the release of its report titled “State of the Internet for the first quarter of 2016 (1Q16)”, which noted a 126% year-on-year (y-o-y) rise in DDoS attacks across the Akamai Intelligent Platform.
According to Akamai, an Internet services provider based in Cambridge, Massachusetts in the United States, the platform is the world’s largest cloud-based platform for securely distributing and accelerating web content, enterprise applications and video.
Sectors that are especially vulnerable to attacks include financial services, software and technology, media and entertainment, public sector assets, education, Internet and telecom assets, retail, gaming, hotel and travel service providers, said the report.
Sixty per cent of the attacks that occurred in 1Q16 used at least two attack vectors at once, making defence more difficult.
“The continued rise of multi-vector attacks suggests that attackers or their attack tools are growing more sophisticated,” the report stated.
An attack vector is a path or means by which a hacker or cracker can gain access to a computer or network server to wreak havoc. A multi-vector attack is known as the most complex type of DDoS attack as it is a combination of different DDoS attack tools and approaches.
“This causes problems for security practitioners, since each attack vector requires unique mitigation controls,” the report noted.
There was also more repeat attacks against online assets, with one Akamai customer recording 283 attacks against them in 1Q16. “That represents three separate attacks per day. Attackers seem to be becoming more persistent in trying to disrupt services of their targets.”
In the past, many attackers when seeing a site or network was protected would move on, said Akamai. But now, attackers tend to hammer away at high-value organisations, regardless of the results, looking for a moment when defences might drop.
“Another reason for the continued increase in repeat attacks is that acquiring and outfitting DDoS attack platforms has become cheap and easy to use,” it added.
DDoS attacks are also being used as a diversion technique to exhaust company resources, while attacks are launched against the primary target.
Meanwhile, the number of mega attacks — attacks that exceeded 100 gigabites per second — rose 137% y-o-y, with the largest hitting the software and technology, gaming, and media and entertainment sectors.