[Fastly Co., Ltd.] Latest Fastly research: 91% of cyberattacks target multiple organizations, discovering and exploiting vulnerabilities using mass scanning techniques
*Fastly Co., Ltd.*
Press release: August 22, 2024
**
Fastly Latest Research: 91% of Cyberattacks Target Multiple
Organizations, Using Mass Scanning Techniques to Discover and Exploit Vulnerabilities
*To avoid detection, spam bots, short-lived IP addresses, and obfuscated external domain hosts (Out-of-Band)
It is also clear that domain) is being used*
* Global leading edge cloud platform * * Fastly, Inc.*
” between April 11 and June 30, 2024, Fastly’s Next-Gen WAF
Fastly’s Network Learning Exchange (NLX), a collective threat intelligence feed for
Data collected from Out-of-Band domains and Fastly Bot from April 1, 2024 to June 30, 2024.
Management Analyzing traffic signaled by Fastly’s Next-Gen WAF is the world’s largest e- Over 90,000 applications and services for commerce, streaming, media/entertainment, financial services, and technology companies. We protect APIs (*1) and inspect 5.5 trillion (*2) requests every month.
The main findings of this report are as follows.
* Attackers perform mass scans: * 91% of attacks originating from NLX sources target multiple customers, and 19% target 100
They targeted different customers beyond the company. This is a significant increase from 69% in Q2 2023.
* Bots account for more than one-third of internet traffic: * One-third of global internet traffic
This was driven by requests generated by automated tools, with approximately 36% of the traffic coming from bots and the remaining 64% from human users.
* Significant increase in Out-of-Band domain usage: * CVE of three * WordPress plugins*
(CVE-2024-2194, CVE-2023-6961, CVE-2023-40000) has seen a dramatic increase in exploitation. 7 for injecting malicious content, installing backdoors, and tracking infected applications.
Two OOB domains were used.
* Short-lived IP addresses avoid detection: * 49% of IP addresses added to NLX are listed for only one day, with an average duration of It was 3.5 days. Attackers have been using IP for short periods of time to evade detection, highlighting the importance of adaptive security controls that can help mitigate a wide variety of threats.
* Tech industries continue to be targeted: * 37% of attacks target tech industries, down from 46% a year ago
accounted for. Media/Entertainment (21%) and Financial Services (17%) are the top target industries.
Simran Khalsa, Staff Security Researcher at Fastly
says: “By performing mass scans, attackers are discovering vulnerable systems. The more targets they scan, the higher their chances of discovering exploitable vulnerabilities. , to anticipate threats, continually adapt, and stay one step ahead.
Based on trillions of requests from our global customer base, we provide enterprise security teams with the current threat landscape and actionable insights to help protect their valuable assets. ”
The full report can be viewed here. (English and Japanese versions will be released soon)
https://learn.fastly.com/security-threat-insights-report
*1 As of March 2022
*2 Average for the most recent six months as of August 1, 2024
*About Fastly*
Fastly
Our powerful, programmable edge cloud platform delivers fast, secure, and attractive access to the world’s top enterprises through edge compute, delivery, security, and observability that improve web performance, strengthen security, and power innovation on a global scale. We help create a unique online experience.
Fastly
‘s powerful, cutting-edge platform architecture enables developers to accelerate time-to-market and achieve industry-leading cost savings for secure websites and applications. Nihon Keizai Shimbun, Gurunavi, ZOZO, CyberAgent in Japan, overseas
World-renowned companies such as Reddit and Universal Music Group use Fastly We are improving your internet experience through our services. Learn more about Fastly at https://www.fastly.com/jp
Please take a look. Also, see X @FastlyJapan