The Daily Swig Web security digest

Akamai traces sharp rise in SQLi attacks

James Walker | 29 November 2017 at 15:44

Number one OWASP threat shows no sign of abating.

Following OWASP’s recent announcement that SQL injection has retained its position at the top of the web application risk chart, new research suggests that the number of attacks utilizing this vector have risen sharply over the past year.

According to Akamai Technologies’ latest security report covering the three months to October 30, SQLi attacks have increased 62% year-on-year and 19% since the previous quarter.

This strong growth in SQLi drove an overall 69% increase in web application attacks around the world in the third quarter of 2017, Akamai said. The number of DDoS attacks increased by 8% year-on-year.

Taking stock of the rapid rise in illicit web activity over the past three months, the CDN and cloud services provider said ongoing Mirai activity – which uses IoT devices and was responsible for the quarter’s largest attack, at 109 Gbps – underlined the “vast potential” that exists for new sources of botnet armies.

“The lure of easy access to poorly-secured end nodes and easily-available source code make it likely that Mirai-based attacks won't be fading in the near future,” said Martin McKeay, senior security advocate and the report’s senior editor.

“Our experience suggests that an army of new potential attackers comes online every day. Couple with that, the ubiquity of Android software and the growth in the Internet of Things are amplifying the risk/reward challenges that enterprises face to tremendous levels.”

With the holiday shopping season now in full swing, Akamai said it expects that both the monetary and emotional aspects of attack dynamics will strongly influence behavior in the fourth quarter.

“The code base from Mirai is still being used and is evolving,” McKeay said. “In addition, criminals are getting better at hiding their command and control structures, using techniques like Fast Flux DNS.

“It would not be surprising if, during this holiday season, we see new attacks such as those based on IoT devices or mobile platforms.”