DDoS Attacks Surge Against Vulnerable Assets: Are You Prepared?
This blog post was updated on 07/19/2024.
As cybercriminals target vulnerable points of the internet, Akamai extends its protections.
Akamai protects some of the world’s largest and most visible organizations from a wide range of cyberattacks. Over the years, we’ve observed a powerful pattern: Once an organization adopts Akamai Prolexic DDoS defense, cybercriminals often cease ongoing attack campaigns.
Unlike other cyberattacks, distributed denial of service (DDoS) is a deliberate attack on an organization’s network. Attackers are less motivated to target organizations that they know are already protected by the industry’s leading DDoS defense solution — so it’s no surprise that cybercriminals often avoid IP ranges that are routed through Prolexic’s scrubbing network.
An overview of the evolving threat landscape
Even though many attackers avoid Prolexic-protected customers, we’ve observed two clear trends:
Attacks against a wider range of customers
Off-the-radar targets within customer networks
In April 2023, we noticed a new peak of total customers affected by large-scale DDoS attacks — and this record was quickly broken again in June 2023 (Figure 1).
Since 2022, attackers have been persistently hitting everything all at once via horizontal and multidestination attacks.
Previously, the attack distribution we observed against our customer base was highly concentrated, so much so that 10% of customer data centers saw 90% of all attacks. This year we have seen a record 40% of attacks leveled against the less targeted customers (Figure 2) — a much less concentrated attack distribution.
Akamai customers (especially those leveraging proactive defensive measures like zero-second SLA or Prolexic Network Cloud Firewall) often feel little to no impact, only learning about attacks from after-action summaries.
However, given the recent spate of cyberattacks, it’s safe to say that the rest of the internet may have a different experience (Figure 3).
Attackers are targeting the vulnerable
Although Akamai offers the go-to cybersecurity solution used by some of the world’s largest and the most influential companies, much of the internet still isn’t defended by Akamai Prolexic’s protective shield.
Small and medium-sized organizations in multiple industries — and sometimes even government institutions and critical public infrastructures like schools, healthcare centers, and transportation and logistics centers — are vulnerable to the simplest of cyberattacks because of inadequate security budgets and limited in-house personnel. This is particularly worrisome in light of the significant resurgence in DDoS attacks.
DDoS attacks aim to render a network or website inaccessible by overwhelming it with unwanted, malicious traffic. These attacks use malware to exploit network vulnerabilities and compromise devices. DDoS attacks disrupt business operations, resulting in significant financial losses and damage to brand reputation.
Take the Russian hacker incident of 2022, in which DDoS attacks caused significant disruption to several high-profile government websites. As cyberattacks become more sophisticated and prevalent, all organizations must implement robust security measures to protect against pressing threats.
The Greek Herald recently reported on an attack on a Greek agency that interrupted end-of-year testing. Other channels have reported on the increased targeting of hospitals in Europe and the United States earlier this year. In late 2022, we witnessed a mass targeting of airport websites.
Organizations and institutions may become vulnerable targets for DDoS attacks when they sign up for fragmentary protections via lower-end or freemium solutions that offer rudimentary protection against targeted attacks from hacktivists and state-sponsored cybercriminal groups. Effective levels of protection are then offered as paid add-ons that quickly ramp up the total cost for vulnerable victims.
Unsurprisingly, Akamai has noticed a steady stream of new customers on the heels of effective attacks against the freemium offerings.
Contending with an expanding threat landscape
In the quest for comprehensive security and a simplified enterprise technology landscape, organizations of all sizes are now seeking cohesive, end-to-end solutions. This is particularly true for small and medium-sized organizations and critical public infrastructure companies that are vulnerable to a wide spectrum of attacks, ranging from the simplest of vectors to multiple extortion.
The threat landscape widens further for these companies as their employees continue to work remotely and access key systems from home Wi-Fi networks, which are more vulnerable to attacks. Basic VPN solutions are inadequate when it comes to securing such vulnerabilities.
Comprehensive solutions for 360-degree security
Akamai Prolexic
Akamai Prolexic is a purpose-built DDoS protection platform that is available on-prem, in the cloud, or as a hybrid of both. Prolexic Cloud is powered by advanced automation, machine intelligence, and a global network of several cloud scrubbing centers across 32 global metro areas and more than 20 Tbps of dedicated defense capacity.
The keyword to note there is “dedicated”: some solutions piggyback on their content delivery network capacity, thereby offering cybercriminals a single point of defense to overcome. To put Prolexic’s defense capacity in perspective, even the largest known Layer 3 and Layer 4 DDoS attacks don’t make up 10% of the capacity available to Prolexic customers.
Prolexic Network Cloud Firewall
Prolexic also extends your defenses beyond DDoS with Prolexic Network Cloud Firewall. Customers can quickly, centrally, and globally block traffic that they don’t want to hit their networks or certain targets within their networks. Prolexic Network Cloud Firewall also recommends access control lists for the best proactive defense posture based on Akamai’s threat intelligence data, and delivers actionable analytics of existing rules.
As a next-generation firewall as a service (FWaaS), Prolexic Network Cloud Firewall empowers customers to:
Define proactive defenses to block malicious traffic instantly
Alleviate local infrastructure by moving rules to the edge
Quickly adapt to network changes via a new user interface
Akamai Edge DNS
Akamai Edge DNS offers a comprehensive, purpose-built, cloud-based authoritative DNS solution that uses the scale, security, and capacity of Akamai Connected Cloud to distribute your DNS zones across several thousand servers across the globe.
Customers delegate their zone authority to Edge DNS by updating nameserver records at the registrar and using those provided by Akamai. Edge DNS provides an unparalleled attack surface and proactive security controls that can mitigate even the largest DNS attacks without impacting a customer's DNS performance, reliability, and availability.
Akamai Shield NS53
Akamai Shield NS53 is a bidirectional DNS proxy solution that protects key components of your origin DNS infrastructure from resource exhaustion attacks. Using an intuitive user interface on the Akamai Control Center, you can self-configure, administer, manage, and enforce your organization’s specific dynamic security policies in real time. Illegitimate DNS queries and DNS attack floods are dropped at the edge of the Akamai network, keeping your DNS secure, reliable, and available.
Akamai App & API Protector
Akamai App & API Protector is a single solution that brings together many security technologies, including web application firewall (WAF), bot mitigation, API protection, and application layer DDoS defense. App & API Protector is recognized as the leading WAAP solution for swiftly identifying and mitigating threats beyond the traditional WAF to protect entire digital estates from multidimensional attacks. The platform is easier to implement and use, provides holistic visibility, and automatically implements up-to-date, customized protections via Akamai Adaptive Security Engine.