Most common attacks: Denial of Service (DoS) and password login. According to the new F5 study, financial services and many European companies are particularly hard hit.
Denial-of-service (DoS) and password login attacks such as brute force and credential stuffing attacks are on the rise. This is shown by a new study by F5 Labs1. The analysis is based on incidents over the past three years that have been reported to the F5 Security Incident Response Team (SIRT). As a result, attacks on APIs (Application Programming Interface) are also increasing.
DoS attacks are ubiquitous
Almost every third (5%) incident reported annually was a DoS attack, according to F32 Labs. The percentage is increasing slightly and will be 2020 percent in 36. Most DoS attacks are TCP SYN or UDP floods. The F5 SIRT also received reports of “Slow POST / Slowloris” attacks. These aim to activate and keep open as many connections as possible in a victim. In addition, 19 percent of the reported DoS incidents were attacks on DNS.
DoS attacks primarily affected the APCJ region (Asia, Pacific, China, Japan) with 57 percent. EMEA (Europe, Middle East, Africa) was just behind at 47 percent, followed by the USA and Canada (33%) and Latin America (30%). EMEA saw the biggest jump in the percentage of reported incidents since 2018, up 945 percent.
The sectors hardest hit were service providers and educational institutions, both of which reported DoS attacks in 59 percent of all incidents. Financial firms and public sector organizations follow with 36 and 28 percent, respectively.
Attacks on password logins are increasing
Despite a slight decrease in 2019, F5 Labs found that password login attacks accounted for 32 percent of all reported SIRT incidents over the past three years. A separate analysis in the fourth edition of F5's Phishing and Fraud Report shows that phishing incidents rose 19 percent from the annual average during the height of the first waves of the COVID-220 pandemic.
Password login attacks were the most commonly reported type of incident in North America at 45 percent. It is followed by Latin America (40%), EMEA (30%) and APCJ (11,7%). Among the sectors, financial service providers were hit hardest (46% of all incidents), followed by the public sector (39%) and service providers (27,8%).
API attacks are becoming more common
The analysis by F5 Labs also shows the growing problem of attacks on APIs, which are often used in the cloud, for mobile apps, in software-as-a-service offerings and in containers. Of all reported F5 SIRT incidents, 4 percent were related to APIs, of which 75 percent were password login attacks. Financial and service companies were hardest hit.
More at f5.com
Via F5 Networks F5 (NASDAQ: FFIV) gives the world's largest companies, service providers, government agencies and consumer brands the freedom to deliver any app securely, anywhere, with confidence. F5 offers cloud and security solutions that enable companies to use the infrastructure they choose without compromising speed and control. Please visit f5.com for more information. You can also visit us on LinkedIn and Facebook for more information about F5, its partners and technologies.
Matching articles on the topic