Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

8/9/2012
02:12 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Akamai Releases First Quarter 2012 "State Of The Internet" Report

Approximately 42 percent of observed attack traffic originated in Asia Pacific/Oceania region

CAMBRIDGE, Mass., Aug. 9, 2012 /PRNewswire/ --

-- More than 666 million IP addresses from 238 countries/regions connected to the Akamai Intelligent Platform(TM) during the quarter -- Approximately 42 percent of observed attack traffic originated in the Asia Pacific/Oceania region -- South Korea continues to offer highest average connection speed; Hong Kong takes the top spot for highest average peak connection speed -- Report incorporates new definitions for terms "broadband" and "high broadband" to be consistent with definitions used in China, United States and by European Commission Akamai Technologies, Inc. (NASDAQ: AKAM), the leading cloud platform for helping enterprises provide secure, high-performing user experiences on any device, anywhere, today released its First Quarter, 2012 State of the Internet report. Based on data gathered from the Akamai Intelligent Platform(TM), the report provides insight into key global statistics such as Internet penetration, mobile connection speeds, origins of attack traffic, and global and regional connection speeds.

(Logo: http://photos.prnewswire.com/prnh/20100225/AKAMAILOGO )

The First Quarter, 2012 State of the Internet report also provides analysis of first quarter Internet outages reported in Iran and Australia. Traffic patterns from across the Akamai Intelligent Platform into those regions show the impact to Internet access and the duration of these outages.

Highlights from Akamai's 2012 first quarter report:

Global Internet Penetration

More than 666 million unique IP addresses from 238 countries and regions around the world connected to the Akamai Intelligent Platform in the first quarter of 2012. This represents a six percent increase when compared to the fourth quarter of 2011 and almost a 14 percent increase versus the first quarter of 2011.

The unique IP address count across the top 10 connecting countries represented nearly 66 percent of the global figure, a concentration level approximately one percent lower than in the fourth quarter of 2011. When looking at year-over-year changes in IP address connections, China, Brazil, Italy, and Russia all once again maintained growth rates in excess of 20 percent.

Following the World IPv6 Launch in June, where a number of organizations permanently "turned on" IPv6 support for their web sites, Akamai anticipates beginning to see a greater number of IPv6 connections. This will also be driven by providers rolling out native IPv6 connectivity to their subscribers, and greater availability of popular content over IPv6.

Attack Traffic and Top Ports Attacked

Akamai maintains a distributed set of agents deployed across the Internet that monitor attack traffic. Based on data collected by these agents, Akamai is able to identify the top countries from which attack traffic originates as well as the top ports targeted by these attacks.

In the first quarter of 2012, more than 42 percent of observed attack traffic originated in the Asia Pacific/Oceania region; Europe originated approximately 35 percent; North and South America were responsible for a combined 21 percent; and just under 1.5 percent came from Africa.

When examining attack traffic on an individual source country basis, Akamai saw quarterly growth in the percentage of observed attack traffic from China (16 percent and number one on the top 10), the United States (11 percent), Russia (seven percent), Turkey (5.7 percent), Romania (three percent), and Germany (1.9 percent). However, Taiwan (5.3 percent), South Korea (4.3 percent), and Brazil (four percent) all saw percentages drop relative to the prior quarter.

Attack traffic concentration among the top 10 ports increased significantly in the first quarter of 2012, with these ports responsible for 77 percent of observed attacks, up from 62 percent in the fourth quarter of 2011. It appears that this increase was largely attributable to significant growth in the percentage of attacks targeting Port 445 (42 percent of observed attack traffic), after seeing declines over the prior several quarters. As has been noted in past reports, Port 445 is associated with the Conficker worm.

Taking geography into consideration, Akamai found that Port 445 was the most attacked port in seven of the top 10 countries generating attack traffic. Port 23 (Telnet) continued to be the most targeted port in South Korea and Turkey, while Port 1433 (Microsoft SQL Server) remained the top target for observed attacks originating in China. In the United States, Germany, and Brazil, Port 80 (HTTP) was the second-most targeted port, likely indicating that attackers were searching for the presence of Web-based applications with known vulnerabilities that could be exploited to gain control of the system or to install malware. In Russia and Taiwan, Port 23 was the second-most targeted port, likely indicating attempts to exploit default or common passwords that would allow attackers to gain access to a system.

Redefining High Broadband Connectivity

Beginning with the First Quarter, 2012 State of the Internet report, Akamai has redefined the terms "broadband" and "high broadband," with the revised definition of "broadband" now more in line with speed targets set out by the United States, China and the European Commission. Broadband connections are now defined as 4 Mbps or greater, while high broadband now includes those connections to the Akamai Intelligent Platform at 10 Mbps or greater. Taking this new definition into consideration, global adoption of high broadband reached 10 percent, up 19 percent quarter-over-quarter. Among the top 10 countries for high broadband adoption, South Korea topped the list with 53 percent penetration. Japan (37 percent), Hong Kong (28 percent), Latvia (26 percent) and the Netherlands (24 percent) rounded out the top five.

Global Average and Peak Connection Speeds

When it comes to average connection speeds, all of the top 10 countries experienced positive year-over-year changes in average connection speeds. Globally, a total of 125 countries experienced year-over-year increases and only 10 countries that qualified for inclusion saw declines in connection speeds. The global average connection speed in the first quarter was 2.6 Mbps.

Once again, South Korea (15.7 Mbps) featured the fastest average connection speed. Countries/regions rounding out the top 5 included Japan (10.9 Mbps), Hong Kong (9.3 Mbps), the Netherlands (8.8 Mbps) and Latvia (8.8 Mbps).

Year-over-year, the global average peak connection speed increased by 25 percent, and increases were also seen across all of the top 10 countries. Globally, nearly 130 qualifying countries saw year-over-year increases in average connection speeds, ranging from 3.8 percent growth in Pakistan (to 5.9 Mbps) to a 213 percent jump in Libya (to 3.8 Mbps). Only five countries saw a yearly decline in average peak connection speed, with the greatest loss in Tanzania, which dropped 21 percent (to 5.1 Mbps).

In the first quarter, Hong Kong took the top spot for average peak connection speed (49.3 Mbps), dropping South Korea (47.8) to second place. The remaining top 5 included Japan (39.5 Mbps), Romania (38.8 Mbps) and Latvia (33.5 Mbps).

Mobile Connection Speeds

In the first quarter of 2012 Akamai found that a mobile provider in Germany delivered the fastest average connection speed at slightly less than 6 Mbps. Of all mobile operators tracked, five had an average connection speed of greater than 4 Mbps, while 65 mobile operators had average connection speeds greater than 1 Mbps. Only three providers had average connection speeds below 500 kbps.

When looking at peak connection speeds for the mobile providers worldwide for which Akamai analyzed data, a provider in Hong Kong offered the highest average peak connection speed of 32.2 Mbps. A German provider came in a close second at 31.2 Mbps. Overall, six mobile operators had average peak connection speeds of greater than 20 Mbps - double the number of the previous quarter. 31 providers had average peak connection speeds above 10 Mbps and all providers had average peak connection speeds above 2 Mbps.

About the Akamai State of the Internet report

Each quarter, Akamai publishes a "State of the Internet" report. This report includes data gathered from across the Akamai Intelligent Platform about attack traffic, broadband adoption, mobile connectivity and other relevant topics concerning the Internet and its usage, as well as trends seen in this data over time. To learn more and to access the archive of past reports, please visit www.akamai.com/stateoftheinternet.

Please join the report's editor, David Belson at 8:00 a.m. ET or 1:00 p.m. ET on Tuesday, August 21, 2012 for a live State of the Internet report webcast. Mr. Belson will provide in-depth analysis on the report's findings and answer attendee questions. Register online at http://reg.dispeak.com/c/akamai/soti/soti-aug12/r.html.

To download the figures from the First Quarter, 2012 State of the Internet report, please visit http://wwwns.akamai.com/soti/soti_q112_figures.zip.

About Akamai

Akamai(r) is the leading cloud platform for helping enterprises provide secure, high-performing user experiences on any device, anywhere. At the core of the Company's solutions is the Akamai Intelligent Platform(TM) providing extensive reach, coupled with unmatched reliability, security, visibility and expertise. Akamai removes the complexities of connecting the increasingly mobile world, supporting 24/7 consumer demand, and enabling enterprises to securely leverage the cloud. To learn more about how Akamai is accelerating the pace of innovation in a hyperconnected world, please visit www.akamai.com or blogs.akamai.com, and follow @Akamai on Twitter.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Commentary
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-30485
PUBLISHED: 2021-04-11
An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_internal_dtd(), while parsing a crafted XML file, performs incorrect memory handling, leading to a NULL pointer dereference while running strcmp() on a NULL pointer.
CVE-2021-30481
PUBLISHED: 2021-04-10
Valve Steam through 2021-04-10, when a Source engine game is installed, allows remote authenticated users to execute arbitrary code because of a buffer overflow that occurs for a Steam invite after one click.
CVE-2021-20020
PUBLISHED: 2021-04-10
A command execution vulnerability in SonicWall GMS 9.3 allows a remote unauthenticated attacker to locally escalate privilege to root.
CVE-2021-30480
PUBLISHED: 2021-04-09
Zoom Chat through 2021-04-09 on Windows and macOS allows certain remote authenticated attackers to execute arbitrary code without user interaction. An attacker must be within the same organization, or an external party who has been accepted as a contact. NOTE: this is specific to the Zoom Chat softw...
CVE-2021-21194
PUBLISHED: 2021-04-09
Use after free in screen sharing in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.