New analysis from global application security company F5 Labs suggests Denial-of-Service (DoS), Application Programming Interface (API) attacks, and password login attacks, including brute force and credential stuffing, are on the rise globally.

The analysis of cases reported to F5’s Serious Incident Response Team (SIRT)  from the beginning of 2018 to the end of 2020, suggests the percentage of incidents reported that are DoS attacks has crept up, from 32% to 36% a year.

By region, APCJ ranked highest for most DoS attacks, accounting for 57% of the country’s reported SIRT incidents. EMEA ranked next with 47%, experiencing the biggest leap since 2018 (rising by 945%), followed by the US and Canada with 33% and LATAM with 30%.

The team also found that Application Programming Interface (API) attacks are “becoming increasingly widespread,” with 4% of all reported F5 SIRT incidents being API-related. 75% of those attacks were password login attacks.

According to the analysis, finance and service providers ranked highest in industries reporting API attacks to the F5 SIRT.

In regard to rising DoS attacks, the results show reports of “Slow POST/Slowloris” attacks, which are “designed to initiate and keep as many of a victim’s connections open as possible.” Although, the report states that most DoS attacks are network volumetric floods, otherwise known as TCP SYN or UDP floods.

The most targeted sectors were service providers and educational institutions, with both reporting DoS attacks as 59% of all incidents.

Finance and public sector organisations were the next highest at 36% and 28%.

Raymond Pompon, Director of F5 Labs said, “Attackers, as always, choose the most efficient ways to turn a profit. Our weaknesses are their opportunities. We can definitely expect more password login, DoS and API attacks on the horizon.”

Despite experiencing a slight reduction in 2019, F5’s analysis shows that password login attacks have been consistently on the rise for years, accounting for 32% of all reported SIRT incidents since 2018.

Password login attacks were the most reported type of incident in the United States and Canada, representing 45% of all reported incidents. LATAM ranked second with 40%, followed by EMEA with 30% and APCJ with 11.7%.

By industry, banking and financial services organisations suffered most (46% of all incidents), followed by the public sector (39%) and service providers (27.8%).

“Financial institutions have got better at defending their systems, but attackers are going after the weakest link: their customers. It’s hard for a financial services organisation to know if a consumer is reusing their password somewhere else, especially somewhere with weaker security,” Pompon said.

Register to receive the latest cyber security news and analysis straight to your inbox

Topics