Akamai Technologies released a report this morning stating that up to 16% of organizations showed signs of a potential breach by 2022.
Akamai Technologies released its State of the Internet report titled “Superhighway of Attack: Analyzing Malicious DNS Traffic” this morning, detailing the global spread of malware. Researchers report that around 10-16% of organizations have shown potential signs of a breach in the past year.
Key findings in malicious DNS traffic.
Key findings from Akamai’s report include that 26% of affected devices “have attempted to communicate with known initial access agent (IAB) C2 domains, including Emotet-related domains.” Attackers are also reportedly using the QSnatch botnet to abuse network-attached storage devices, with 36% of affected devices linked to C2 domains affiliated with QSnatch. Home network threat actors target computers, cell phones, and Internet of Things (IoT) devices, as mobile malware and IoT botnets have been significantly observed.
Regional and industry data on the highway of attack.
QSnatch and Emotet were found to be ubiquitous in all regions. It was found that in North America, about 29% of affected devices are affected by Emotet, with 33% affected by QSnatch. In Europe, the Middle East and Africa (EMEA), QSnatch and Ramnit were seen as the most pervasive threats in the region, at 28% and 21%, respectively. The Asia-Pacific and Japan (APJ) region was heavily affected by QSnatch, while Latin America (LATAM) saw the prominence of QSnatch and Emotet, among others such as Agent Tesla, Virut, and Ramnit. Manufacturing was also reportedly a top target industry for IABs and botnets, with over 30% of organizations analyzed found to have malicious C2 traffic in the manufacturing industry.
