New Fastly Threat Research Reveals 91% of Cyberattacks Targeted Multiple Organisations Using Mass Scanning to Uncover and Exploit Vulnerabilities
Additional findings show unwanted bots, short-lived IP addresses and out-of-band domains used by adversaries to commit cybercrime and avoid detection
Posted: Thursday, Aug 22
  • KBI.Media
  • $
  • New Fastly Threat Research Reveals 91% of Cyberattacks Targeted Multiple Organisations Using Mass Scanning to Uncover and Exploit Vulnerabilities
New Fastly Threat Research Reveals 91% of Cyberattacks Targeted Multiple Organisations Using Mass Scanning to Uncover and Exploit Vulnerabilities

Sydney โ€“ August 22, 2024 โ€“ Fastly, Inc. (NYSE: FSLY), a leader in global edge cloud platforms, today released the โ€œFastly Threat Insights Report,โ€ which found 91% of cyberattacks โ€“ up from 69% in 2023 โ€“ targeted multiple customers using mass scanning techniques to uncover and exploit software vulnerabilities, revealing an alarming trend in attacks spreading across a broader target base. This new report provides the latest attack trends and techniques across the web application and API security landscape.

The Fastly Threat Insights Report builds on the 2023 โ€œFastly Network Effect Threat Report,โ€ and is based on data collected April 11 to June 30, 2024 from Fastlyโ€™s Network Learning Exchange (NLX), the collective threat intelligence feed for Fastlyโ€™s Next-Gen WAF, and Out-of-Band (OOB) Domains as well as traffic signaled by Fastly Bot Management from April 1 to June 30, 2024. Fastlyโ€™s Next-Gen WAF protects over 90,000 apps and APIs[1]and inspects ~5.5 trillion requests per month[2] across some of the worldโ€™s largest e-commerce, streaming, media and entertainment, financial services, and technology companies.

Among the reportโ€™s key findings:

  • Adversaries performing mass scanning: 91% of attacks originating from NLX sources targeted multiple customers; 19% targeted over 100 different customers. This is a significant increase from Q2 2023 insights, where 69% of NLX sources targeted multiple customers.
  • Bots comprise more than one-third of Internet traffic: A significant amount of global internet traffic is attributed to requests generated by automation tools; approximately 36% of traffic originated from bots, while the remaining 64% came from human users.
  • Dramatic increase in usage of out-of-band domains to actively exploit three WordPress Plugin CVEs (CVE-2024-2194, CVE-2023-6961, and CVE-2023-40000). Seven out-of-band domains were used to inject malicious content, install backdoors, and track infected applications.
  • Short-lived IP addresses help attackers evade detection: 49% of IP addresses added to NLX were listed for just one day, with the average duration being 3.5 days. Attackers use IPs for a short period to avoid detection, highlighting the importance of adaptive security controls that can mitigate varied threats.
  • High Tech remains top industry targeted, accounting for 37% of attacks, although slightly down from last year at 46%. Other top industries for 2024 include Media & Entertainment (21%) and Financial Services (17%).

โ€œBy performing mass scanning, attackers increase the likelihood of discovering vulnerable systems. The more targets scanned, the higher the probability of finding at least one exploitable weakness,โ€ said Fastly Staff Security Researcher Simran Khalsa. โ€œItโ€™s not enough to respond to attacks. We must anticipate them, continuously adapt, and stay one step ahead. Based on trillions of requests across our global customer base, this new report provides an overview of the current threat landscape and actionable insights for security teams to help protect their valuable assets.โ€

To read the complete report, visit https://learn.fastly.com/security-threat-insights-report.

About Fastly, Inc.

Fastlyโ€™s powerful and programmable edge cloud platform helps the worldโ€™s top brands deliver online experiences that are fast, safe, and engaging through edge compute, delivery, security, and observability offerings that improve site performance, enhance security, and empower innovation at global scale. Compared to other providers, Fastlyโ€™s powerful, high-performance, and modern platform architecture empowers developers to deliver secure websites and apps with rapid time-to-market and demonstrated, industry-leading cost savings. Organisations around the world trust Fastly to help them upgrade the internet experience, including Reddit, Wendyโ€™s, Stripe, Neiman Marcus, Universal Music Group, and SeatGeek. In Australia and New Zealand, the company works with organisations such as Foxtel, Linktree, and Trade Me.

Share This