SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
WAF Multi-Vector and DDoS attacks are spiking in Australia
Wed, 4th May 2022
FYI, this story is more than a year old

According to a new observation by Akamai, Australia has experienced a massive spike in WAF Multi-Vector and DDoS attacks.

In a blog post by Akamai Technologies director of security technology and strategy APJ Dean Houari, he shares a variety of data enforcing the importance of awareness regarding these kinds of attacks.

Between April 2021 and March 2022, the company analysed data points for web application firewall (WAF) multi-vector and DDoS attacks to determine the severity of the situation. They found that insights from their Akamai Intelligent Edge Platform signalled a variety of alarming trends.

Data detailing WAF attacks from September 2021 to October 2021 showed a significant spike, with a 100% increase in Q1 of 2022 highlighting a resurgence.

The top attack vectors found were XSS (cross site scripting) and LFI (local file injection), which the company says could indicate that attackers are trying to inject or execute malicious payloads to plant malware and potentially initiate remote code execution attacks.

XSS and LFI with LFI attacks were the globally preferred attacks, accounting for more than 200 million attacks worldwide.

DDoS attacks targeting the financial services industry also soared during the period of July 23 2021 to mid-November 2021, and often resurged in a pattern throughout the year that suggests the same threat group was behind certain attacks.

Conti and Revil ransomware gangs were key culprits, and often used DDoS volumetric attacks as a means to extort ransom from targeted companies. This highlights the importance of security vigilance and knowledge when navigating possible threat actors.

The data also shows that APIs have now entered the mainstream, which is said to cause problems for API-centric architectures including mobile apps, microservices, composable architectures, and third-party integrations.

“The issue with a shift to APIs is that it challenges conventional approaches to security and governance, making them a ripe target for attackers,” the blog by Houari states.

API protections were recently added to the OWASP Top 10, and the report signals that it is evident that regulators around the world are implementing API security requirements to help shift the focus to addressing these areas of risk and vulnerability.

“We expect to see attacks continually increase over the course of 2022 that will impact organisations across all sectors, and organisations will need to find ways to mitigate such attacks by deploying API protections that can circumvent DDoS malicious injection, credential abuse, and API specification violations,” concludes Houari's blog.