Report Tracks Global Spread of Malware Such as Emotet and
QSnatch.
CAMBRIDGE, Mass., March 14,
2023 /PRNewswire/ -- Akamai Technologies, Inc.
(NASDAQ: AKAM), the cloud company that powers and protects life
online, today announced a new State of the Internet report that
focuses on malicious Domain Name System (DNS) traffic. The report,
titled, Attack Superhighway: Analyzing Malicious Traffic in
DNS, finds that roughly 10-16 percent of organizations
have exhibited signs of malicious command and control (C2)
indicating a network breach during the past year.
Akamai observes nearly seven trillion DNS requests daily and
classifies malicious DNS transactions into three main categories:
malware, phishing and command and C2. These attacks present a major
threat to both enterprises and home users.
Attack Superhighway analyzes malicious DNS data and
links attackers to malware such as Emotet, a malware strain that is
now one of the most dangerous cybercrime services and QSnatch,
which targets backups or file storage and is the largest botnet
threat in enterprise environments.
Additional findings of the report include:
- 26 percent of affected devices have attempted to reach out to
known initial access brokers (IAB) C2 domains, including
Emotet-related domains. IABs present a large risk to organizations
as their primary role is to initiate the breach and sell access to
ransomware groups and other cybercriminal groups.
- Network-attached storage devices are ripe for exploitation as
they are less likely to be patched and they hold troves of valuable
data. Akamai data shows attackers are abusing these devices through
QSnatch, a large botnet, with 36 percent of affected devices
showing traffic leading to C2 domains related to this
threat.
- Attacks on home networks are seeking to abuse not only
traditional devices like computers, but also mobile phones and
Internet of Things (IoT) devices. A significant amount of attack
traffic can be correlated with mobile malware and IoT
botnets.
Attack Superhighway also includes regional and
industry attack data. While QSnatch is always the leading threat
globally, other prevalent attacks vary across regions with Emotet,
REvil, Ramnit and Agent Tesla being the other most common attacks.
Regional trends are vital for organizations to consider as they
decide on a particular threat focus and vulnerability management
strategies,
"This new report shows the massive range of cybercrime in the
modern threat landscape," said Steve
Winterfeld, Advisory CISO at Akamai. "Attackers are
unfortunately finding success when they leverage as-a-service
hacking tools and are able to combine various tools in a single
integrated multi-stage attack. Attack Superhighway details
methodologies and analyzes indicators of these types of attacks
while offering recommendations for mitigating them."
Akamai is holding a two-part webinar where we will offer a
closer examination of the DNS traffic for 2022 uncovered in
Attack Superhighway. We will cover how we amassed the data
as well as key findings and insights. Register here for this
free event.
For additional information, the security community can access,
engage with, and learn from Akamai's threat researchers by visiting
the Akamai Security Hub and following the team on Twitter at
@Akamai_Research.
About Akamai
Akamai powers and protects life online. Leading companies
worldwide choose Akamai to build, deliver, and secure their digital
experiences — helping billions of people live, work, and play every
day. Akamai Connected Cloud, a massively distributed edge and cloud
platform, puts apps and experiences closer to users and keeps
threats farther away. Learn more about Akamai's cloud computing,
security, and content delivery solutions at akamai.com and
akamai.com/blog, or follow Akamai Technologies on Twitter and
LinkedIn.
Contacts
Jim
Lubinskas
Akamai Media Relations
703.907.9103
jlubinsk@akamai.com
View original content to download
multimedia:https://www.prnewswire.com/news-releases/akamai-research-finds-up-to-16-percent-of-organizations-exhibited-signs-of-a-breach-in-2022-301771085.html
SOURCE Akamai Technologies, Inc.