CDSA

Akamai Security Report: Adapt to the Unpredictable

Akamai has released its latest “State of the Internet” report, this time with a focus on “Adapting to the Unpredictable,” with a focus on how data traffic and cybersecurity were impacted due to the pandemic.

Shortly after lockdowns first began in 2020, with offices emptying and workers shifting to a remote model, there was massive spikes in internet traffic, a year’s worth of growth in just a few weeks, according to the report. And that growth persisted all year: “These spikes can be linked to various events, including summer vacations, holidays, sporting events, streaming media releases, and resurgence of COVID-19 mandates as spikes in the virus were recorded and addressed by local governments,” the report read. “On Nov. 11, traffic hit a record-setting peak for a single day, when the monitors recorded 180 Tbps.”

Work from home, remote learning, online gaming with friends, video conferences and virtual hangouts, daily meetings, streaming content, sporting events, and daily consumption of news and social media all contributed to numbers never seen before.

But even as the world went into lockdown, cybercriminals were stepping up their game, with Akamai identifying record numbers of malicious domains and blocking them at the DNS and HTTP levels, with bad actors adopting new phishing lures — many of them focusing on COVID-19— and targeting VPN credentials, videoconferencing applications, and personal information.

“As the world went into lockdown in 2020, the criminals did too. This means they needed to shift their operations somewhat, and start targeting workers who were at home rather than in the office,” the report read.

In 2020, Akamai faced 21.5 million malicious DNS queries out of an aggregate of 109 billion, or about 299 million DNS queries per day. Akamai logged 6.3 million blocked phishing attempts.

“As many in the IT and security space know, users will sometimes inadvertently open risky, or potentially malicious files, or they’ll inadvertently access malicious URLs through no fault of their own,” the report read. “When this happens, IT teams will speak to the system owner, alerting them to potential problems, if any exist. It’s also common to see IT teams offer additional awareness training if needed, or just reimage the system. In our case, because we used layered defenses, the blocks recorded in this dataset were mostly proactive because of third-party access.”

What Akamai found during lockdowns was that the usual ways of protection will work to some degree, but security must adapt to changing situations, and that just because a policy or program works well in a data center and office, doesn’t mean it will work at home.

To download the report, click here.