Akamai Diversity

Akamai Security Intelligence
& Threat Research

State of the Internet Volume 5, Issue 2

It's the most wonderful time of the security year - it's almost RSA week!

If the world is coming together to talk about security next week, we figured we should join the conversation with our latest State of the Internet report.

Joining the conversation is a big part of security departments these days, as we move away from being perceived as a "department of no" to really being seen as a business partner. Our job? To identify risks. Is it hard? Yes. Understanding the variations and nuances that might have a significant effect on a business decision is a difficult process, even for the topics we know intimately.

The stories we cover in this issue of our State of the Internet Report, highlight aspects of security that we feel many organizations are not as aware of as they should be.

Our survey of API traffic surprised us - it  reveals that 83% of the hits we see are API driven. Analysis of our ESSL network highlighted a 83% to 17% split between API traffic and HTML traffic on our secure content. If you're thinking this is a large increase, then you're right. This is a significant increase since 2014, when the same survey was performed. For security practitioners, this is vitally important as not all tools are capable of handling this shift from HTML to API, and you may be missing a major source of malicious traffic in your defenses.

We dove into some research around DNS traffic, and it revealed that IPv6 traffic may actually be underreported. Only 11% of traffic was IPv6 as of July 2017. High level statistics on DNS traffic at Akamai's authoritative nameservers show that the vast majority of traffic is still IPv4. However, as our researcher dug deeper, they found that systems capable of IPv6 still show a preference for IPv4.

Finally, credential abuse and botnets abusing retailer inventories is a rising problem that needs attention. On average, organizations report experiencing 12.7 credential stuffing attempts each month, with each attempt targeting 1,252 accounts. We detected nearly 28 billion credential stuffing attempts between May and December 2018. Within the retail industry, the apparel vertical, experienced 3.7 billion attempts on its own, making it the largest targeted industry during the same timeframe. So why is retail, as well as apparel, such at hot target? Short answer? Money.

The Internet is a quickly changing and shifting landscape, and these trends are just the beginning of a large shift. Security teams and professionals must constantly think outside the box in order to develop new ways to keep users and businesses secure and safe. So, while conversations around security are bound to happen next week, take the rest of this week to read the latest State of the Internet, Volume 5, Issue 2.

Leave a comment