Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

8/9/2012
02:12 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Akamai Releases First Quarter 2012 "State Of The Internet" Report

Approximately 42 percent of observed attack traffic originated in Asia Pacific/Oceania region

CAMBRIDGE, Mass., Aug. 9, 2012 /PRNewswire/ --

-- More than 666 million IP addresses from 238 countries/regions connected to the Akamai Intelligent Platform(TM) during the quarter -- Approximately 42 percent of observed attack traffic originated in the Asia Pacific/Oceania region -- South Korea continues to offer highest average connection speed; Hong Kong takes the top spot for highest average peak connection speed -- Report incorporates new definitions for terms "broadband" and "high broadband" to be consistent with definitions used in China, United States and by European Commission Akamai Technologies, Inc. (NASDAQ: AKAM), the leading cloud platform for helping enterprises provide secure, high-performing user experiences on any device, anywhere, today released its First Quarter, 2012 State of the Internet report. Based on data gathered from the Akamai Intelligent Platform(TM), the report provides insight into key global statistics such as Internet penetration, mobile connection speeds, origins of attack traffic, and global and regional connection speeds.

(Logo: http://photos.prnewswire.com/prnh/20100225/AKAMAILOGO )

The First Quarter, 2012 State of the Internet report also provides analysis of first quarter Internet outages reported in Iran and Australia. Traffic patterns from across the Akamai Intelligent Platform into those regions show the impact to Internet access and the duration of these outages.

Highlights from Akamai's 2012 first quarter report:

Global Internet Penetration

More than 666 million unique IP addresses from 238 countries and regions around the world connected to the Akamai Intelligent Platform in the first quarter of 2012. This represents a six percent increase when compared to the fourth quarter of 2011 and almost a 14 percent increase versus the first quarter of 2011.

The unique IP address count across the top 10 connecting countries represented nearly 66 percent of the global figure, a concentration level approximately one percent lower than in the fourth quarter of 2011. When looking at year-over-year changes in IP address connections, China, Brazil, Italy, and Russia all once again maintained growth rates in excess of 20 percent.

Following the World IPv6 Launch in June, where a number of organizations permanently "turned on" IPv6 support for their web sites, Akamai anticipates beginning to see a greater number of IPv6 connections. This will also be driven by providers rolling out native IPv6 connectivity to their subscribers, and greater availability of popular content over IPv6.

Attack Traffic and Top Ports Attacked

Akamai maintains a distributed set of agents deployed across the Internet that monitor attack traffic. Based on data collected by these agents, Akamai is able to identify the top countries from which attack traffic originates as well as the top ports targeted by these attacks.

In the first quarter of 2012, more than 42 percent of observed attack traffic originated in the Asia Pacific/Oceania region; Europe originated approximately 35 percent; North and South America were responsible for a combined 21 percent; and just under 1.5 percent came from Africa.

When examining attack traffic on an individual source country basis, Akamai saw quarterly growth in the percentage of observed attack traffic from China (16 percent and number one on the top 10), the United States (11 percent), Russia (seven percent), Turkey (5.7 percent), Romania (three percent), and Germany (1.9 percent). However, Taiwan (5.3 percent), South Korea (4.3 percent), and Brazil (four percent) all saw percentages drop relative to the prior quarter.

Attack traffic concentration among the top 10 ports increased significantly in the first quarter of 2012, with these ports responsible for 77 percent of observed attacks, up from 62 percent in the fourth quarter of 2011. It appears that this increase was largely attributable to significant growth in the percentage of attacks targeting Port 445 (42 percent of observed attack traffic), after seeing declines over the prior several quarters. As has been noted in past reports, Port 445 is associated with the Conficker worm.

Taking geography into consideration, Akamai found that Port 445 was the most attacked port in seven of the top 10 countries generating attack traffic. Port 23 (Telnet) continued to be the most targeted port in South Korea and Turkey, while Port 1433 (Microsoft SQL Server) remained the top target for observed attacks originating in China. In the United States, Germany, and Brazil, Port 80 (HTTP) was the second-most targeted port, likely indicating that attackers were searching for the presence of Web-based applications with known vulnerabilities that could be exploited to gain control of the system or to install malware. In Russia and Taiwan, Port 23 was the second-most targeted port, likely indicating attempts to exploit default or common passwords that would allow attackers to gain access to a system.

Redefining High Broadband Connectivity

Beginning with the First Quarter, 2012 State of the Internet report, Akamai has redefined the terms "broadband" and "high broadband," with the revised definition of "broadband" now more in line with speed targets set out by the United States, China and the European Commission. Broadband connections are now defined as 4 Mbps or greater, while high broadband now includes those connections to the Akamai Intelligent Platform at 10 Mbps or greater. Taking this new definition into consideration, global adoption of high broadband reached 10 percent, up 19 percent quarter-over-quarter. Among the top 10 countries for high broadband adoption, South Korea topped the list with 53 percent penetration. Japan (37 percent), Hong Kong (28 percent), Latvia (26 percent) and the Netherlands (24 percent) rounded out the top five.

Global Average and Peak Connection Speeds

When it comes to average connection speeds, all of the top 10 countries experienced positive year-over-year changes in average connection speeds. Globally, a total of 125 countries experienced year-over-year increases and only 10 countries that qualified for inclusion saw declines in connection speeds. The global average connection speed in the first quarter was 2.6 Mbps.

Once again, South Korea (15.7 Mbps) featured the fastest average connection speed. Countries/regions rounding out the top 5 included Japan (10.9 Mbps), Hong Kong (9.3 Mbps), the Netherlands (8.8 Mbps) and Latvia (8.8 Mbps).

Year-over-year, the global average peak connection speed increased by 25 percent, and increases were also seen across all of the top 10 countries. Globally, nearly 130 qualifying countries saw year-over-year increases in average connection speeds, ranging from 3.8 percent growth in Pakistan (to 5.9 Mbps) to a 213 percent jump in Libya (to 3.8 Mbps). Only five countries saw a yearly decline in average peak connection speed, with the greatest loss in Tanzania, which dropped 21 percent (to 5.1 Mbps).

In the first quarter, Hong Kong took the top spot for average peak connection speed (49.3 Mbps), dropping South Korea (47.8) to second place. The remaining top 5 included Japan (39.5 Mbps), Romania (38.8 Mbps) and Latvia (33.5 Mbps).

Mobile Connection Speeds

In the first quarter of 2012 Akamai found that a mobile provider in Germany delivered the fastest average connection speed at slightly less than 6 Mbps. Of all mobile operators tracked, five had an average connection speed of greater than 4 Mbps, while 65 mobile operators had average connection speeds greater than 1 Mbps. Only three providers had average connection speeds below 500 kbps.

When looking at peak connection speeds for the mobile providers worldwide for which Akamai analyzed data, a provider in Hong Kong offered the highest average peak connection speed of 32.2 Mbps. A German provider came in a close second at 31.2 Mbps. Overall, six mobile operators had average peak connection speeds of greater than 20 Mbps - double the number of the previous quarter. 31 providers had average peak connection speeds above 10 Mbps and all providers had average peak connection speeds above 2 Mbps.

About the Akamai State of the Internet report

Each quarter, Akamai publishes a "State of the Internet" report. This report includes data gathered from across the Akamai Intelligent Platform about attack traffic, broadband adoption, mobile connectivity and other relevant topics concerning the Internet and its usage, as well as trends seen in this data over time. To learn more and to access the archive of past reports, please visit www.akamai.com/stateoftheinternet.

Please join the report's editor, David Belson at 8:00 a.m. ET or 1:00 p.m. ET on Tuesday, August 21, 2012 for a live State of the Internet report webcast. Mr. Belson will provide in-depth analysis on the report's findings and answer attendee questions. Register online at http://reg.dispeak.com/c/akamai/soti/soti-aug12/r.html.

To download the figures from the First Quarter, 2012 State of the Internet report, please visit http://wwwns.akamai.com/soti/soti_q112_figures.zip.

About Akamai

Akamai(r) is the leading cloud platform for helping enterprises provide secure, high-performing user experiences on any device, anywhere. At the core of the Company's solutions is the Akamai Intelligent Platform(TM) providing extensive reach, coupled with unmatched reliability, security, visibility and expertise. Akamai removes the complexities of connecting the increasingly mobile world, supporting 24/7 consumer demand, and enabling enterprises to securely leverage the cloud. To learn more about how Akamai is accelerating the pace of innovation in a hyperconnected world, please visit www.akamai.com or blogs.akamai.com, and follow @Akamai on Twitter.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Mobile Banking Malware Up 50% in First Half of 2019
Kelly Sheridan, Staff Editor, Dark Reading,  1/17/2020
Exploits Released for As-Yet Unpatched Critical Citrix Flaw
Jai Vijayan, Contributing Writer,  1/13/2020
Microsoft to Officially End Support for Windows 7, Server 2008
Kelly Sheridan, Staff Editor, Dark Reading,  1/13/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
[Just Released] How Enterprises are Attacking the Cybersecurity Problem
[Just Released] How Enterprises are Attacking the Cybersecurity Problem
Organizations have invested in a sweeping array of security technologies to address challenges associated with the growing number of cybersecurity attacks. However, the complexity involved in managing these technologies is emerging as a major problem. Read this report to find out what your peers biggest security challenges are and the technologies they are using to address them.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-7227
PUBLISHED: 2020-01-18
Westermo MRD-315 1.7.3 and 1.7.4 devices have an information disclosure vulnerability that allows an authenticated remote attacker to retrieve the source code of different functions of the web application via requests that lack certain mandatory parameters. This affects ifaces-diag.asp, system.asp, ...
CVE-2019-15625
PUBLISHED: 2020-01-18
A memory usage vulnerability exists in Trend Micro Password Manager 3.8 that could allow an attacker with access and permissions to the victim's memory processes to extract sensitive information.
CVE-2019-19696
PUBLISHED: 2020-01-18
A RootCA vulnerability found in Trend Micro Password Manager for Windows and macOS exists where the localhost.key of RootCA.crt might be improperly accessed by an unauthorized party and could be used to create malicious self-signed SSL certificates, allowing an attacker to misdirect a user to phishi...
CVE-2019-19697
PUBLISHED: 2020-01-18
An arbitrary code execution vulnerability exists in the Trend Micro Security 2019 (v15) consumer family of products which could allow an attacker to gain elevated privileges and tamper with protected services by disabling or otherwise preventing them to start. An attacker must already have administr...
CVE-2019-20357
PUBLISHED: 2020-01-18
A Persistent Arbitrary Code Execution vulnerability exists in the Trend Micro Security 2020 (v160 and 2019 (v15) consumer familiy of products which could potentially allow an attacker the ability to create a malicious program to escalate privileges and attain persistence on a vulnerable system.