DDoS attacks across all industries in Q1 more than doubled year over year, while web application attacks increased more than 25% in Q1 compared with Q4 2015, Akamai finds. Web application attacks primarily targeted retailers.

Distributed-denial-of-service, or DDoS, attacks surged 125.4% in Q1 to 4,523 from 2,007 in the year-ago period, according to the most recent “State of the Internet” report from Akamai Technologies Inc., a content delivery network and web security firm that bases its conclusions on client data.

The gaming industry was hit the hardest in the first quarter of 2016, accounting for 55% of the attacks, says the report, released last week. Retailers and consumer goods companies accounted for 2.75%, or about 124, of DDoS attacks in Q1, up from 1.86% in Q4 2015.

China was the leading source of DDoS attacks in Q1, with 27%. The United States was the second-most common source of attacking IP addresses at 17%, followed by Turkey at 10%, Akamai says.

A DDoS attack occurs when malefactors attempt to take a site offline by sending an overwhelming volume of traffic to it. It’s called distributed because the attack traffic comes from multiple computers, often thousands, which criminals control through software they surreptitiously load onto consumers’ PCs. Akamai expects the barrage of attacks against the gaming industry to continue, and that the retail and financial services sectors also will be top targets because they store sensitive data that thieves can use for financial gain.

Akamai, which bases its report on attacks it observes and mitigates among its clients, detected the 4,523 attacks in Q1 across a network it uses to prevent DDoS attacks. The year-over-year surge was largely driven by repeat attacks on customers and not an increase in the number of targets, according to the report. Compared with Q4 2015, attacks jumped 22.5% from 3,693 attacks.

advertisement

Retailers frequently are targeted for DDoS attacks, but they are also targeted for web application attacks because of the consumer information in their databases and because retailers have a large number of site visitors, Akamai says. Web application attacks target a particular feature on a website.

Web application attacks in the first quarter most frequently had the retail industry in the cross-hairs: 43.4% of such attacks were directed at retailers, followed by 13.0% at hotel and travel, 12.1% at financial services, 9.4% at high technology firms, 7.2% at media and entertainment companies, and the remainder against the public sector, software-as-a-service firms, business services and others, the report says.

U.S. websites were targeted in 60% of the web application attacks. No other country had a double-digit percentage; Brazil was second at 9%.

When looking at the source country of such attacks, Akamai finds the U.S. accounted for 43% of origin traffic, Brazil 12%, China and the Netherlands  8% each, Romania 7%, Russia and the United Kingdom 6% each, Germany 4%, and the Ukraine and India 3% each.

advertisement

Akamai also notes that in recent months malicious traffic coming out of Brazil has surged. “Most of those attacks were against a Brazilian customer in the retail industry. When the attacks originated in Russia, the destinations were mostly in the retail industry in the U.S. and the U.K.,” the report says.

Brazil’s tech infrastructure has been expanding rapidly in the runup to the 2014 FIFA World Cup and the upcoming 2016 Summer Olympics, and internet-related crime has increased “in alignment with these constructions,” says David Fernandez, manager, Akamai Security Intelligence Response Team.

Favorite