Menu

IoT FEATURE NEWS

IoT Security Reports Review Bleak 2016, Bleaker 2017

By

The Akamai Technologies Q4 2016 State of the Internet Security Report shows a 140 percent year over year increase in DDoS attacks greater than 100 Gbps, while Verizon’s 2017 Data Breach Digest data suggests that such breaches are becoming more complex, pervasive and damaging.

Akamai has released its Fourth Quarter, 2016 State of the Internet/Security Report. The report uses data gathered from the Akamai Intelligent Platform to develop analysis of the most current cloud security and threat landscape in order to identify seasonal threat trends.

“As we saw with the Mirai botnet attacks during the third quarter, unsecured Internet of Things (IoT) devices continued to drive significant DDoS attack traffic,” said Martin McKeay, senior security advocate and senior editor, State of the Internet/Security Report, Akamai. “With the predicted exponential proliferation of these devices, threat agents will have an expanding pool of resources to carry out attacks, validating the need for companies to increase their security investments. Additional emerging system vulnerabilities are expected before devices become more secure.”

Some highlights:
DDoS Attacks

  • Attacks greater than 100 Gbps increased 140 percent year-over-year from Q4 2015
  • The largest DDoS attack in Q4 2016, which peaked at 517 Gbps, came from Spike
  • Seven of the biggest 12 attacks can be directly attributed to Mirai

Web Application Attacks

  • The United States was the top source for Web application attacks, with a 72 percent increase from Q3 2016.
  • SQLi, LFI, and XSS Web application vectors accounted for 95 percent of observed Web application attacks

Top Attack Vectors

  • Of the 25 DDoS attack vectors, the top three were UDP fragment, DNS, and NTP             

“If anything, our analysis of Q4 2016 proves the old axiom ‘expect the unexpected’ to be true for the world of web security,” continued McKeay. “For example, perhaps the attackers in control of Spike felt challenged by Mirai and wanted to be more competitive. If that's the case, the industry should be prepared to see other botnet operators testing the limits of their attack engines, generating ever larger attacks.”

In the Verizon 2016 Data Breach Investigations Report (DBIR), released recently, humans are again identified as a significant vector for data breaches and cybersecurity incidents, acting as threat actors, targeted victims and incident response stakeholders.

The 16 cases reviewed in the report are each told from the perspective of the various stakeholders involved, such as corporate communications, legal counsel, or the human resources professional.

“Data breaches are growing in complexity and sophistication,” said Bryan Sartin, Executive Director, RISK Team, Verizon Enterprise Solutions. “In working with victim organizations, we find that breaches touch every part of an organization up to and including its board of directors. Companies need to be prepared to handle data breaches before they actually happen in order to recover as quickly as possible. Otherwise, breaches can lead to enterprise-wide damage that can have devastating and long-lasting consequences such as a loss of customer confidence or a drop in stock price.”

This year's 16 data breach scenarios are classified according to prevalence and lethality in the field. Ten of the cases represent more than 60 percent of the 1,400 cases investigated by Verizon's Research, Investigations, Solutions and Knowledge (RISK) Team over the past three years, while the other six are less common but considered lethal or highly damaging to an organization. 




Edited by Alicia Young
Get stories like this delivered straight to your inbox. [Free eNews Subscription]

Editorial Director

SHARE THIS ARTICLE
Related Articles

LTIMindtree and Vodafone Partner for Smart IoT Solutions

By: Stefania Viscusi    4/25/2024

LTIMindtree announced a collaboration with Vodafone aimed at delivering connected and smart IoT solutions to drive Industry X.0 and digital transforma…

Read More

Securing Reliability in IoT: Memfault Highlights a Lack of Proactive Measures

By: Alex Passett    4/25/2024

New data released from IoT reliability platform Memfault just earlier this morning highlights the importance of proactivity when engineering IoT solut…

Read More

Spur Measurable IoT Growth through Viasat's ELEVATE Program - Registration for its ELEVATE Global Partner Event is Now Open!

By: Alex Passett    4/25/2024

Viasat's ELEVATE global partner event is right around the corner. From June 18-19 in Carlsbad, California, those interested in satIoT connectivity sol…

Read More

Assessing IoT Innovator LTIMindtree: Its 2023-24 Successes to Date and a Peek at What's Next

By: Alex Passett    4/24/2024

IoT Evolution World has presented a brief rundown of LTIMindtree's successes during FY24, as well as a peek at what's to come for the Internet of Thin…

Read More

Powering Adaptability in IoT: Telit Cinterion Reveals its First High-Precision GNSS Module

By: Alex Passett    4/22/2024

Telit Cinterion announced the launch of its SE868K5-RTK module, a high-precision Global Navigation Satellite System (GNSS) receiver capable of centime…

Read More