According to a recent report from cloud service provider Akamai Technologies, healthcare web application attacks have increased threefold since the second quarter of 2015. Web application attacks have increased by 14% year on year overall.
Cybercriminals are predominantly conducting attacks on organizations in the United States. According to the report, 64% of attacks occur in the U.S. Brazil is in second place with 10% of attacks, followed by the UK where 6% of attacks are conducted. In Q1, 60% of attacks were in the United States.
According to the report, the high percentage of attacks taking place in the United States is understandable because many companies have their headquarters and IT infrastructure in the U.S. “Many of the major virtual private server / hosting providers are based in the US, which plays a valuable role in obfuscating the actor’s identity while conducting Internet crimes.”
The report shows that the healthcare industry is increasingly being targeted. Three times as many healthcare web application attacks were conducted in Q2 2016 compared to Q2 2015. However, overall, healthcare and pharmaceutical companies accounted for just 0.31% of web application attack triggers in Q2 2016. The percentage may seem spall, but that equates to 899,827 web application attack triggers.
For the report, Akamai also investigated DDoS attacks which were also discovered to have increased since 2015. There was also a 9% increase in DDoS attacks between Q1 and Q2 2016, although the number of attacks performed per target fell from 29 in Q1 to 27 in Q2.
Some organizations have been extensively targeted. Akamai found that one target experienced an incredible 373 DDoS attacks. According to the report, “High value sites are attacked more frequently, because even a slight weakening in their defenses may reward the attacker with a significant return on the time spent.” In the majority of cases, the DDoS attacks were of a relatively short duration, although repeat attacks do pose a serious threat.
The authors of the report said there are no indications that DDoS attacks will decrease, in fact it is highly likely that attacks will continue to rise.