Need cloud computing? Get started now

PRESS RELEASE

Akamai Research Finds Up To 16 Percent of Organizations Exhibited Signs of a Breach in 2022

Report Tracks Global Spread of Malware Such as Emotet and QSnatch.

Cambridge, MA USA | March 14, 2023

Share

 Akamai Technologies, Inc. (NASDAQ: AKAM), the cloud company that powers and protects life online, today announced a new State of the Internet report that focuses on malicious Domain Name System (DNS) traffic. The report, titled, Attack Superhighway: Analyzing Malicious Traffic in DNS finds that roughly 10-16 percent of organizations have exhibited signs of malicious command and control (C2) indicating a network breach during the past year.

Akamai observes nearly seven trillion DNS requests daily and classifies malicious DNS transactions into three main categories: malware, phishing and command and C2. These attacks present a major threat to both enterprises and home users. 

Attack Superhighway analyzes malicious DNS data and links attackers to malware such as Emotet, a malware strain that is now one of the most dangerous cybercrime services and QSnatch, which targets backups or file storage and is the largest botnet threat in enterprise environments.

Additional findings of the report include:

  • 26 percent of affected devices have attempted to reach out to known initial access brokers (IAB) C2 domains, including Emotet-related domains. IABs present a large risk to organizations as their primary role is to initiate the breach and sell access to ransomware groups and other cybercriminal groups. 
  • Network-attached storage devices are ripe for exploitation as they are less likely to be patched and they hold troves of valuable data. Akamai data shows attackers are abusing these devices through QSnatch, a large botnet, with 36 percent of affected devices showing traffic leading to C2 domains related to this threat. 
  • Attacks on home networks are seeking to abuse not only traditional devices like computers, but also mobile phones and Internet of Things (IoT) devices. A significant amount of attack traffic can be correlated with mobile malware and IoT botnets.  

Attack Superhighway also includes regional and industry attack data. While QSnatch is always the leading threat globally, other prevalent attacks vary across regions with Emotet, REvil, Ramnit and Agent Tesla being the other most common attacks. Regional trends are vital for organizations to consider as they decide on a particular threat focus and vulnerability management strategies,

“This new report shows the massive range of cybercrime in the modern threat landscape,” said Steve Winterfeld,  Advisory CISO at Akamai.  “Attackers are unfortunately finding success when they leverage as-a-service hacking tools and are able to combine various tools in a single integrated multi-stage attack. Attack Superhighway details methodologies and analyzes indicators of these types of attacks while offering recommendations for mitigating them.”

Akamai is holding a two-part webinar where we will offer a closer examination of the DNS traffic for 2022 uncovered in Attack Superhighway. We will cover how we amassed the data as well as key findings and insights. Register here for this free event.

For additional information, the security community can access, engage with, and learn from Akamai’s threat researchers by visiting the Akamai Security Hub and following the team on Twitter at @Akamai_Research.

About Akamai

Akamai is the cybersecurity and cloud computing company that powers and protects business online. Our market-leading security solutions, superior threat intelligence, and global operations team provide defense in depth to safeguard enterprise data and applications everywhere. Akamai’s full-stack cloud computing solutions deliver performance and affordability on the world’s most distributed platform. Global enterprises trust Akamai to provide the industry-leading reliability, scale, and expertise they need to grow their business with confidence. Learn more at akamai.com and akamai.com/blog, or follow Akamai Technologies on X and LinkedIn.