CLOUD-delivery platform provider Akamai Technologies Inc. announced on May 17 that threats to the Internet continue to evolve.
“If our analysis of the [first quarter] tells us anything, it’s that risks to the Internet and to targeted industry sectors remain and continue to evolve,” said Martin McKeay, Akamai senior security advocate.
“Use cases for botnets like Mirai have continued to advance and change, with attackers increasingly integrating Internet of Things vulnerabilities into the fabric of DDoS botnets and malware.”
McKeay and Akamai released its report five days after the Wannacry ransomware was detected.
“It’s shortsighted to think of Mirai as the only threat, though. With the release of the source code, any aspect of Mirai could be incorporated into other botnets,” McKeay added. “Even without adding Mirai’s capabilities, there is evidence that botnet families, like BillGates, elknot and XOR, have been mutating to take advantage of the changing landscape.”
McKeay said Akamai customers in the financial services industry were also targeted in the first quarter with a DNS (domain name system) query flood included in the Mirai malware.
According to Akamai, the US remained the top source country also for Web application attacks, showing another significant year-over-year increase—up 57 percent from the first quarter of 2016.
The Netherlands, in second for the top source of Web application attacks of the first quarter of the year, dropped to 13 percent from 17 percent in the previous quarter, remaining a consistent source of attack traffic and a large proportion of attacks from a country of only 17 million citizens.