Akamai Technologies this morning released a report noting that up to 16% of organizations exhibited signs of a potential breach in 2022.
State-of-the-Internet: malicious DNS traffic.
Akamai Technologies this morning released its State of the Internet report titled “Attack Superhighway: Analyzing Malicious Traffic in DNS,” detailing the global spread of malware. Researchers report that around 10-16% of organizations have shown potential signs of a breach last year.
Key findings in malicious DNS traffic.
Key findings of the Akamai report include that 26% of affected devices “have attempted to reach out to known initial access brokers (IAB) C2 domains, including Emotet-related domains.” Attackers are also reportedly using the QSnatch botnet to abuse network-attached storage devices, with 36% of devices affected linked to QSnatch-affiliated C2 domains. The targeting by threat actors of home networks seeks out computers, cell phones, and Internet of Things (IoT) devices, as mobile malware and IoT botnets have been significantly observed.
Regional and industry data on the attack superhighway.
QSnatch and Emotet were found to be pervasive across all regions. It was found that in North America, around 29% of affected devices are impacted by Emotet, with 33% affected by QSnatch. In Europe, the Middle East, and Africa (EMEA), QSnatch and Ramnit were observed as the most pervasive threats in the region, at 28% and 21%, respectively. The Asia-Pacific and Japan (APJ) region were heavily impacted by QSnatch, while Latin America (LATAM) saw prominence of QSnatch and Emotet, among others, such as Agent Tesla, Virut, and Ramnit. Manufacturing was also reportedly a primary target sector for IABs and botnets, with more than 30% of analyzed organizations actually found to have malicious C2 traffic in the manufacturing sector.