India has the dubious distinction of ranking amongst the top 10 source and target countries for web application attacks.
According to Akamai’s Q1 2016 State of the Internet / Security Report, “In Q1 2016, the US was the main source of web application attacks, accounting for 43% of attack origin traffic. This was a 13% drop from last quarter. Brazil was the second-largest source country at 12%, followed by China and the Netherlands (8% each), Romania (7%), Russia and the UK (6% each), Germany (4%), and the Ukraine and India (3% each).”
The report further said, “Once again, the US had the distinction of being both the top source of web application attacks and the top target. Given that many companies have their headquarters and it infrastructure in the US, this makes sense. Sixty percent of web application attacks targeted the US, while only 9% targeted Brazil, 6% targeted the UK, and 5% targeted India.”
This quarter, the retail sector suffered the vast majority of web application attacks: 43%. The hotel & travel industry was targeted with 13% of attacks, followed by financial (12%), high technology (9%), media & entertainment (7%), the public sector (3%), SaaS (3%), and business services (2%), it said.
The report highlighted the following top trends in the security space:
- It is expected that the US and China will remain the top sources of malicious traffic because of the sheer number of devices, vulnerabilities, and users in these countries. But there will be the occasional surprise, such as the UK taking the top spot in Q3 2015 and Turkey in second place last quarter. It is likely that cloud providers will remain the biggest trouble spot unless they do more to improve their default system configuration security procedures.
- Distributed reflection Denial of Service (DrDoS) attacks will remain a popular weapon of choice for attackers, though it remains to be seen if vectors like NetBIOS, RPC, PORTMAP, and now TFTP servers become as prevalent in reflection DDoS attacks. Surprisingly, despite a decreasing number of ideal available resources, NTP reflection surged near the end of Q4 2015 and continued into Q1.
- Expect the heavy barrage of DDoS attacks against the gaming industry to continue, as players keep looking for an edge over competitors, while security vulnerabilities in gaming platforms continue to attract attackers looking for low-hanging fruit. Retail and financial services should also remain top targets, given the myriad opportunities malicious actors have to extract and monetize sensitive data.
- Retailers are expected to continue to suffer the vast majority of web application attacks, given the potential financial gains for attackers, and that SQLi and LFI will remain favorite vectors, because free and open-source tools are plentiful to find these vulnerabilities in sites.
- One driver for future threats is the continued proliferation of easy-to-use DDoS-for-hire technology. The same technologies that make the user experience easier for law-abiding people will also create an easier experience for the online criminal community.
BW Reporters
Yashvendra is Executive Editor in BW CIOWorld. He has over 15 years of experience in journalism. Starting his career in 2000 with the Press Trust of India, he has worked in organizations such as The Indian Express, IDG (International Data Group) and Business India. During the course of his career, he has covered a range of sectors, and has been instrumental in launching several brands