Singapore, November 23, 2022. CDNetworks, the global-leading CDN (Content Delivery Network) and Edge Service Provider, released its annual State of Web Security Report for H1 2022. The Security Report notes that distributed denial-of-service (DDoS), bot, and Application Programming Interface (API) attacks increased at an alarming rate in H1 2022. Web application attacks also increased over the same period, but at a much slower rate than DDoS attacks. CDNetworks believes this trend shows that security tools focusing on single attacks are no longer effective against today’s multiple cyber threat landscape. Leveraging a comprehensive security solution has never played a more important role for businesses and individuals.
Surging Trend for All Types of Attacks:
Of particular note are the following indicators noted in the Security Report:
- The level of DDoS attacks topped 2.09 TBPS, which broke the record level of traffic-induced DDoS attacks.
- The number of web application attacks increased by 12.56% over the same period last year, reaching 62.8875 million per day.
- Malicious bot attacks surged 2.27 times over the same period in 2021, with 77.366 billion incidents recorded.
- The number of API attacks had a 168.80% increase over the same period in 2021, with 9.0865 million API attacks blocked daily in H1 2021.
The Security Report goes on to say that data generated by the CDNetworks’ security platform show that risks of data breaches continue to escalate. This risk stems from the fact that increasing amounts of data and devices are being exposed to the network, making them vulnerable to the dual threat of external attacks and internal breaches. At the same time, API security threats continue to rise at breakneck speed, and the security challenges they present exceed those of traditional webpages. The end result is confirmation that the cybersecurity environment continues to change dramatically.
“As enterprises shift their business to the cloud, we found that some traditional web-protection rules no longer offer the capabilities they once did in combatting today’s complex and virulent cyberthreats. What enterprises actually need are security solutions that address cloud and hybrid environments holistically in a comprehensive and systematic security architecture. ” Said Doyle Deng, head of Global Marketing and Product of CDNetworks. “For this reason, we strongly recommend that enterprises adopt CDNetworks’ WAAP services to secure their data and their business with more beyond rule-based web protections. Features such as web application firewall, DDoS protection, bot management, and API management capabilities empower enterprise users of our WAAP services to establish a comprehensive cornerstone that has been proven effective in combatting API and web application attacks.”
The Security Report also monitored security associated with telecommuting within today’s enterprises. As the long-term global impact of COVID-19 takes hold, organizations are starting to accept remote a remote workforce and cloud-based applications as an alternative to on-premise workers. The Security Report compared policies governing centrally managed corporate devices to policies aimed at Bring Your Own Devices (BYODs), which allow employees to use their own devices — phone, laptop, tablet, or other device — to access business applications and data, rather than forcing employees to use company-provided devices for that purpose. The Security Report found that BYOD rules generally lack a clear security management policy, making them vulnerable to targeted hacking attacks. To address this, CDNetworks recommends that enterprises select Enterprise Secure Access (ESA), our zero-trust access solution, to establish a secure, efficient, and easy-to-use hybrid networking environment.
Click here to download this report.
As a global-leading CDN (Content Delivery Network) and Edge Service provider, CDNetworks delivers fully integrated cloud and edge computing solutions with unparalleled speed, ultra-low latency, rigorous security and reliability. Our diverse products and services include web performance, media delivery, enterprise applications, cloud security, and colocation services — all of which are designed to spur business innovation.