DDoS and Healthcare Web Application Attacks on the Rise

There was a threefold increase in attacks on healthcare web applications from the second quarter of 2015 to Q2 2016, according to a new report from content delivery network and cloud services provider Akamai Technologies. From Q1 to Q2, 2016, web application attacks increased by 14%. There was a 197% increase in web application attacks sourcing from Brazil, while attacks sourcing from the United States fell by 13%.

The US was the most targeted country in Q2, 2016. 64% of attacks were conducted on organizations in the United States, compared to 60% of attacks in Q1.

Most web application attacks were conducted on organizations in the retail, hotel & travel industries. 0.31% of web application attacks were conducted on the healthcare sector in Q2, 2016. That corresponds to 899,827 attack triggers. According to Akamai, the healthcare industry is being increasingly targeted as attackers attempt to get hold of valuable health data.

There was also a 129% increase in total DDoS attacks in Q2 2016 compared with Q2, 2015, and a record number of NTP reflection attacks occurred – up 276% in Q2, 2016 compared to Q2, 2015. Infrastructure layer attacks were 151% higher and UDP flood attacks were up by 70%. DDoS attacks increased by 9% from Q1 2016 to Q2 2016.

There was a significant reduction in median attack bandwidth, which fell by 36% compared to last quarter. The largest DDoS attack recorded by Akamai was 363 Gbps, which was one of two 300 Gbps+ attacks recorded in Q2. 12 attacks exceeded 100 Gbps.

There was no statistically significant change in the number of DDoS attacks conducted per target, although numbers fell from 29 to 27 from Q1 to Q2 this year. In Q1 2015, there was an average of 17 DDoS attacks per organization and an average of 24 attacks per organization in Q2, 2015. While the average number of attacks per organization dropped slightly, large organizations are still being heavily targeted. Akamai reports that one target suffered 373 separate DDoS attacks in Q2. According to the report, it is probable that DDoS attacks will continue to increase.

Author: Steve Alder has many years of experience as a journalist, and comes from a background in market research. He is a specialist on legal and regulatory affairs, and has several years of experience writing about HIPAA. Steve holds a B.Sc. from the University of Liverpool.