News

Akamai: Predicting Attacks a Mixed Bag (CDSA)

By Chris Tribbey

Stuart Atherton, a security specialist with Akamai, is worried that media and entertainment companies still aren’t prepared for the security threats they face today.

The attacks have become more sophisticated, state-sanctioned cyber attacks are now the norm, and hackers don’t even need to spend any time or resources on writing code, with online tools that do the work for them, Atherton said during a recent Akamai security presentation.

But there’s definitely one thing media and entertainment companies can count on and prepare for: “Any time there’s a big event, we expect to see that event attacked,” he said. But even then, predicting when the attacks will occur is a mixed bag.

He pointed to the 2012 Olympics in London, where the majority of attacks came during the opening ceremonies and the first day of competition. The opening ceremony saw 132 billion requests processed by Akamai’s wide area file services (WAFs), 10 times that from the 2010 winter Olympics. There were also 129 million malicious requests. And the opening day of competition saw 127 times the rules triggered during the Winter Olympics, including more than 182 million denied requests.

The 2014 World Cup in Brazil was similar in that a huge amount of attacks occurred during the opening ceremonies, but after that, the attack traffic became more random. The opening game between Brazil and Croatia was a good example: when Brazil began dominating (they won 3-1) each goal scored or other turning points in the contest Akamai saw massive amounts of attack traffic coming out of Croatia itself, mostly targeted at Brazilian companies. “And this wasn’t isolated,” Atherton said.

The same pattern emerged for Spain vs. The Netherlands, Chile vs. Australia, and the Ivory Coast vs. Japan. Attack traffic spiked during goals scored and turning points of the contests. “The bottom line is, you can never plan for the random,” Atherton said. “You can be attacked any time, by anyone, for any reason, regardless of how much or little you’re involved or associated with what’s going on.”

In all, there were double the distributed denial of service (DDoS) attacks in 2014 than there were in 2013, or as many as 50 a week, according to Akamai data, and the size of attacks are rising as well (both in terms of gigabytes per second and millions of packets per second). Akamai estimates three of every four companies will be targeted by Web application exploits, and that Web apps are targeted in 54% of all hacking-based data breaches.

China and the U.S. remain the top two countries where the most attacks are launched from. In terms of industries attacked, gaming tops the list, accounting for more than a third of the targets, with software and technology second at more than 25%. Internet and telecommunications companies took the third spot at 13.77%, with media and entertainment fourth, with 7.45%.

“We did see a drop in the media and entertainment space,” Atherton said. “The previous two quarters they saw by far the second-most attacks.”