New Fastly Threat Research Reveals 91% of Cyberattacks Targeted Multiple Organizations Using Mass Scanning to Uncover and Exploit Vulnerabilities
Fastly's latest Threat Insights Report reveals alarming trends in cybersecurity. Key findings include:
1. 91% of cyberattacks targeted multiple organizations using mass scanning techniques, up from 69% in 2023.
2. Bots comprise 36% of global internet traffic.
3. Increased usage of out-of-band domains to exploit WordPress Plugin vulnerabilities.
4. 49% of malicious IP addresses were active for just one day, with an average duration of 3.5 days.
5. High Tech remains the top targeted industry (37%), followed by Media & Entertainment (21%) and Financial Services (17%).
The report emphasizes the importance of adaptive security controls and proactive threat anticipation.
Il Rapporto sulle Minacce di Fastly rivela tendenze allarmanti nella cybersecurity. I risultati chiave includono:
1. Il 91% degli attacchi informatici ha preso di mira più organizzazioni utilizzando tecniche di scansione di massa, in aumento rispetto al 69% nel 2023.
2. I bot rappresentano il 36% del traffico internet globale.
3. Maggiore utilizzo di domeni fuori banda per sfruttare le vulnerabilità dei plugin di WordPress.
4. Il 49% degli indirizzi IP dannosi è stato attivo per solo un giorno, con una durata media di 3,5 giorni.
5. High Tech rimane il settore più colpito (37%), seguito da Media e Intrattenimento (21%) e Servizi Finanziari (17%).
Il rapporto sottolinea l'importanza di controlli di sicurezza adattivi e dell'anticipazione proattiva delle minacce.
El Informe de Amenazas de Fastly revela tendencias alarmantes en ciberseguridad. Los hallazgos clave incluyen:
1. El 91% de los ciberataques se dirigieron a múltiples organizaciones utilizando técnicas de escaneo masivo, un aumento del 69% en 2023.
2. Los bots constituyen el 36% del tráfico en internet global.
3. Aumento en el uso de dominios fuera de banda para explotar vulnerabilidades de plugins de WordPress.
4. El 49% de las direcciones IP maliciosas estuvo activa durante solo un día, con una duración promedio de 3,5 días.
5. Alta Tecnología sigue siendo la industria más atacada (37%), seguida de Medios y Entretenimiento (21%) y Servicios Financieros (17%).
El informe enfatiza la importancia de controles de seguridad adaptativos y de la anticipación proactiva de amenazas.
Fastly의 위협 통찰 보고서는 사이버 보안에서 경악스러운 추세를 드러냅니다. 주요 발견 사항은 다음과 같습니다:
1. 91%의 사이버 공격이 대량 스캔 기법을 사용하여 여러 조직을 표적 삼았으며, 이는 2023년의 69%에서 증가한 수치입니다.
2. 봇은 전 세계 인터넷 트래픽의 36%를 차지하고 있습니다.
3. WordPress 플러그인 취약점을 악용하기 위해 대역 외 도메인 사용이 증가하고 있습니다.
4. 49%의 악성 IP 주소가 단 하루만 활성화되었으며, 평균 지속 기간은 3.5일입니다.
5. 하이테크 산업이 여전히 가장 많이 공격받는 분야(37%)이며, 뒤이어 미디어 및 엔터테인먼트(21%)와 금융 서비스(17%)가 있습니다.
이 보고서는 적응형 보안 통제 및 능동적인 위협 예측의 중요성을 강조합니다.
Le Rapport sur les Menaces de Fastly révèle des tendances alarmantes en matière de cybersécurité. Les principales conclusions incluent :
1. 91 % des cyberattaques ont visé plusieurs organisations en utilisant des techniques de balayage de masse, en hausse par rapport à 69 % en 2023.
2. Les bots représentent 36 % du trafic internet mondial.
3. Augmentation de l'utilisation des domaines hors bande pour exploiter les vulnérabilités des plugins WordPress.
4. 49 % des adresses IP malveillantes ont été actives pendant seulement un jour, avec une durée moyenne de 3,5 jours.
5. High Tech reste le secteur le plus ciblé (37 %), suivi par les médias et divertissements (21 %) et les services financiers (17 %).
Le rapport souligne l'importance des contrôles de sécurité adaptatifs et de l'anticipation proactive des menaces.
Der Bedrohungsbericht von Fastly zeigt alarmierende Trends in der Cybersicherheit auf. Zu den wichtigsten Ergebnissen gehören:
1. 91 % der Cyberangriffe richteten sich gegen mehrere Organisationen mithilfe von Massenscan-Techniken, ein Anstieg von 69 % im Jahr 2023.
2. Bots machen 36% des globalen Internetverkehrs aus.
3. Zunehmende Nutzung von Out-of-Band-Domains zur Ausnutzung von WordPress-Plugin-Schwachstellen.
4. 49 % der bösartigen IP-Adressen waren nur einen Tag lang aktiv, mit einer durchschnittlichen Dauer von 3,5 Tagen.
5. High Tech bleibt die am stärksten angegriffene Branche (37 %), gefolgt von Medien und Unterhaltung (21 %) und Finanzdienstleistungen (17 %).
Der Bericht betont die Wichtigkeit adaptiver Sicherheitskontrollen und proaktiver Bedrohungsantizipation.
- Fastly's Next-Gen WAF protects over 90,000 apps and APIs
- Fastly's WAF inspects ~5.5 trillion requests per month
- Fastly provides valuable threat intelligence through its Network Learning Exchange (NLX)
- 91% of cyberattacks targeted multiple organizations, up from 69% in 2023
- 36% of global internet traffic is attributed to bots
- Increase in usage of out-of-band domains to exploit WordPress Plugin vulnerabilities
- 49% of malicious IP addresses were active for just one day, making detection difficult
The surge in mass scanning attacks, targeting 91% of customers (up from 69% last year), signals a significant shift in cybercriminal tactics. This widespread approach increases the odds of finding vulnerabilities across multiple organizations, amplifying the potential impact of each attack. The prevalence of short-lived IP addresses (49% lasting just one day) indicates sophisticated evasion techniques, challenging traditional security measures.
The rise in out-of-band domain usage for WordPress plugin exploits is particularly concerning, as it allows attackers to inject malicious content and install backdoors stealthily. With bots comprising
The report highlights the tech sector's continued vulnerability, accounting for
The increase in mass scanning techniques suggests that attackers are casting wider nets, potentially impacting a broader range of companies across these sectors. This trend necessitates a more collaborative approach to cybersecurity, where threat intelligence sharing becomes important for collective defense against evolving attack methodologies.
The findings underscore the need for a paradigm shift in cybersecurity risk management. With 91% of attacks targeting multiple organizations, companies can no longer rely solely on their own defenses. The interconnected nature of modern cyber threats demands a more collaborative, ecosystem-wide approach to risk mitigation.
The short lifespan of malicious IP addresses (3.5 days on average) emphasizes the importance of real-time threat intelligence and adaptive security controls. Organizations must invest in dynamic defense mechanisms capable of responding to rapidly changing threat vectors. Additionally, the prevalence of bot traffic (
Additional findings show unwanted bots, short-lived IP addresses and out-of-band domains used by adversaries to commit cybercrime and avoid detection
The Fastly Threat Insights Report builds on the 2023 “Fastly Network Effect Threat Report,” and is based on data collected April 11 to June 30, 2024 from Fastly’s Network Learning Exchange (NLX), the collective threat intelligence feed for Fastly’s Next-Gen WAF, and Out-of-Band (OOB) Domains as well as traffic signaled by Fastly Bot Management from April 1 to June 30, 2024. Fastly’s Next-Gen WAF protects over 90,000 apps and APIs1 and inspects ~5.5 trillion requests per month2 across some of the world’s largest e-commerce, streaming, media and entertainment, financial services, and technology companies.
Among the report’s key findings:
-
Adversaries performing mass scanning:
91% of attacks originating from NLX sources targeted multiple customers;19% targeted over 100 different customers. This is a significant increase from Q2 2023 insights, where69% of NLX sources targeted multiple customers. -
Bots comprise more than one-third of Internet traffic: A significant amount of global internet traffic is attributed to requests generated by automation tools; approximately
36% of traffic originated from bots, while the remaining64% came from human users. - Dramatic increase in usage of out-of-band domains to actively exploit three WordPress Plugin CVEs (CVE-2024-2194, CVE-2023-6961, and CVE-2023-40000). Seven out-of-band domains were used to inject malicious content, install backdoors, and track infected applications.
-
Short-lived IP addresses help attackers evade detection:
49% of IP addresses added to NLX were listed for just one day, with the average duration being 3.5 days. Attackers use IPs for a short period to avoid detection, highlighting the importance of adaptive security controls that can mitigate varied threats. -
High Tech remains top industry targeted, accounting for
37% of attacks, although slightly down from last year at46% . Other top industries for 2024 include Media & Entertainment (21% ) and Financial Services (17% ).
“By performing mass scanning, attackers increase the likelihood of discovering vulnerable systems. The more targets scanned, the higher the probability of finding at least one exploitable weakness,” said Fastly Staff Security Researcher Simran Khalsa. “It’s not enough to respond to attacks. We must anticipate them, continuously adapt, and stay one step ahead. Based on trillions of requests across our global customer base, this new report provides an overview of the current threat landscape and actionable insights for security teams to help protect their valuable assets.”
To read the complete report, visit https://learn.fastly.com/security-threat-insights-report.
About Fastly, Inc.
Fastly’s powerful and programmable edge cloud platform helps the world’s top brands deliver online experiences that are fast, safe, and engaging through edge compute, delivery, security, and observability offerings that improve site performance, enhance security, and empower innovation at global scale. Compared to other providers, Fastly’s powerful, high-performance, and modern platform architecture empowers developers to deliver secure websites and apps with rapid time-to-market and demonstrated, industry-leading cost savings. Organizations around the world trust Fastly to help them upgrade the internet experience, including Reddit, Neiman Marcus, Universal Music Group, and SeatGeek. Learn more about Fastly at https://www.fastly.com, and follow us @fastly.
____________________
1 As of March 2022.
2 Trailing 6-month average as of August 1, 2024.
Source: Fastly, Inc.
View source version on businesswire.com: https://www.businesswire.com/news/home/20240820055574/en/
Media Contact
Spring Harris
press@fastly.com
Investor Contact
Vernon Essi, Jr.
ir@fastly.com
Source: Fastly, Inc.
FAQ
What percentage of cyberattacks targeted multiple organizations according to Fastly's 2024 report?
How much of global internet traffic is attributed to bots in Fastly's 2024 report?
What is the average duration of malicious IP addresses according to Fastly's 2024 report?
Which industry remains the top target for cyberattacks according to Fastly's 2024 report?
