Bangalore, June 15 2019: Which two attack vectors account for almost 90% of web application attacks? How does an openly available $20 tool help criminals as young as 14 make thousands of dollars a week? Akamai's new State of the Internet / Security report, Web Attacks and Gaming Abuse, shares results from a 17-month analysis of Internet traffic in this criminally lucrative sector. The insights are valuable and include:
- How web attacks are evolving
- The latest trends in credential abuse and gaming
- 3 lessons about working with security teams.
This instalment of State of the Internet / Security examines credential stuffing and web application attack trends over the last 17 months, with a focus on the gaming industry. One reason gaming is so lucrative is the trend of adding easily commoditized items for gamers to consume, such as cosmetic enhancements, special weapons, or other related items. Gamers are also a niche demographic known for spending money, so their financial status makes them tempting targets. We began collecting credential abuse data at the beginning of November 2017 and chose to use the same period with our application attack data to make direct comparisons between plots easier for readers.
Credential abuse is nothing new for the gaming industry, where virtually any gamer can share an anecdote about an account that has been taken over due to credential stuffing attacks. Over the 17-month period, Akamai witnessed 55 billion credential stuffing attacks — showing that no industry is immune to them. The gaming industry alone saw 12 billion of those attacks, marking it as a growing target for criminals looking to make a quick buck. For now, attackers see credential abuse as a low-risk venture with potential for a high payout, and these types of attacks are likely to increase for the foreseeable future.
When we look at web attack data historically observed by Akamai, 89.9% of the attacks fall into one of two categories: SQL Injection (SQLi) and Local File Inclusion (LFI) attacks. The data over this same 17-month period shows that SQLi has continued to grow at an alarming rate as an attack vector. While we can see that the attacks escalated with the holiday shopping season, they never returned to their previous levels.
• Akamai observed 55 billion credential stuffing attacks over 17 months; 12 billion of those attacks targeted the gaming industry.
• United States is still the top source for credential stuffing attacks, followed by Russia; however, when we look at the source countries for credential stuffing attacks against the gaming industry only, Russia takes the top spot.
• In our 17-month data set, SQL Injections now represent nearly two-thirds of all web application attacks.