View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
February 20, 2018

Malicious botnets responsible for 40% of global login attempts

Prime examples of targets hackers have been exploiting are the GoAhead embedded HTTP server that leads to 700,000 potential targets, and the Oracle WebLogic Server.

By Tom Ball

In the fourth quarter of 2017, a spike in the use of botnets for credential abuse was noted as 7.3 trillion bot requests were analysed, revealing that 40 per cent of login attempts had been malicious.

Remote code execution vulnerabilities particularly in enterprise-level software have also proved a favourable target for attackers recently, looking to enslave the systems as part of botnets.

Prime examples of targets hackers have been exploiting are the GoAhead embedded HTTP server that leads to 700,000 potential targets, and the Oracle WebLogic Server.

In addition to these findings revealed in the Q4 2017 Akamai State of The Internet / Security Report, a growing trend of attackers installing crypto mining programs onto their targets, a process made easier by the widespread Spectre and Meltdown vulnerabilities.

“A key motive of attackers has always been financial profit. In the past few years, we have seen adversaries move to more direct methods to achieve that goal such as ransomware,” said Martin McKeay, senior security advocate and senior editor, State of the Internet / Security Report. “Crypto mining offers attackers the most direct avenue to monetise efforts by putting money immediately into their cryptowallets.”

AWS clients alerted to security risks by researchers
Crypto asset coding competition launched by Deutsche Bourse
UK government backed smart meters could pose cyber risk – GCHQ

The industry hit hardest by fraudulent credential attacks was found to be hospitality, with 82 per cent of login attempts in this space proving to be malicious. Another important finding from the report was a spike in DDoS attacks on the financial services industry.

Content from our partners
Why the tech sector must embrace faster, smarter talent recruitment
Sherif Tawfik: The Middle East and Africa are ready to lead on the climate
What to look for in a modern ERP system

“Increased automation and data mining have caused a massive flood of bot traffic to impact websites and Internet services. Although most of that traffic is useful for Internet businesses, cybercriminals are looking to manipulate the powerful volume of bots for nefarious gains,” said McKeay. “Enterprises need to watch who is accessing their sites to differentiate actual humans from both legitimate and malicious bots. Not all web traffic and not all bots are created equal.”

Topics in this article : , , ,
Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU