Cloud SecurityCyber Crime & ForensicPress ReleaseThreat Detection & Defense

Akamai Survey Reveals APJ’s Lack of Preparedness Against Online Threats

Akamai Technologies, Inc. (NASDAQ: AKAM), the cloud company that powers and protects life online, released the results of a new report  From Bad Bots to Malicious Scripts: The Effectiveness of Specialized Defencesthat finds businesses in Asia-Pacific and Japan (APJ) are unprepared in deploying specialized protective technologies compared to other global regions. As a result, businesses in the region are facing challenges in preventing malicious scripts and account takeover attacks.

The report, which surveyed key IT and security professionals, showed the prevalence and effectiveness of specialized third-party solutions that combat the challenges of malicious bots, account takeover (ATO), third-party scripts and audience hijacking.

“Malicious bots, scripts, and account takeover attacks are pervasive and will continue to pose ever greater challenges for businesses,” said Reuben Koh, Director of Security Technology & Strategy at Akamai. “Adopting third-party specialized defences not only helps organizations to adapt but also addresses the ever-changing attack techniques employed by cybercriminals. This also allows organizations to achieve stronger effectiveness at mitigating these pervasive online threats, while reducing overall risk for the business.”

Some findings of the report include:

Fraud And Abuse – How Protective Solutions Can Help

Account Takeover (ATO)
The account takeover threat environment is high in APJ, with almost three-quarters (73%) of businesses saying they have been attacked in the previous 12 months. The high rate of attack is not surprising, as APJ has the lowest rate of deployment for solutions to tackle account takeover threats – 60% compared to 83% globally. Globally, the most frequently reported gains by those who deployed specialized account takeover defences saw significant improvement were:

  • The ability to detect fraudulent or suspicious activity (44%)
  • Visibility into indicators of account compromise (41%)
  • The ability to detect fraudulent or suspicious logins (39%)

Script Protection
Only two-thirds of businesses in APJ (67%) are using specialized script protection solutions, well below the global average (85%). This lack of protection comes amidst a high-threat environment – more than three-quarters (78%) of businesses here say they have been targeted by malicious scripts in the past 12 months. Threats posed by malicious third-party scripts have become highly significant, and the upcoming PCI DSS 4.0 regulation, which is a global standard that establishes a baseline of technical and operational standards for protecting account data, will also have specific requirements on the need to address these types of threats. Globally, 71% of those using third-party solutions saw a significant reduction in abusive script behaviours, with another 24% seeing a moderate reduction. Of those who saw significant improvement, the three most frequently reported gains were:

  • The ability to detect compromised first and third-party scripts (38%)
  • The ability to prioritize events that require investigation (38%)
  • The ability to meet compliance requirements (38%)

Malicious Bots
64% of APJ experienced bot attacks in the previous 12 months (compared to 75% overall). Globally nearly all (97%) reported an improvement in their efforts to combat bots, with more than half (54%) of those using third-party solutions indicating their cybersecurity capabilities have improved significantly since deployment. Of those who saw significant improvement, the top three capabilities and gains most frequently mentioned were:

  • The ability to handle high heat events and surges in traffic (47%)
  • An improvement in marketing effectiveness (42%)
  • The ability to balance security controls with performance optimization (41%)

Audience Hijacking 
Almost all (92%) APJ organizations are aware of audience hijacking, while 26% have been affected by it. Audience hijacking often leads to direct loss of revenue for online retailers, usually due to consumers taking their purchasing decisions elsewhere as they are being lured by lower prices or fraudulent advertising. Globally, those who had experienced audience hijacking said the top two effects on their businesses were:

  • Increased cart abandonment (43%)
  • Increased affiliate fraud (41%)

Methodology
Akamai partnered with Foundry on the report which surveyed more than 300 global IT and security decision-makers. Respondents were asked about the solutions they had in place for four broad categories of fraud and abuse: malicious bots, account takeover attacks, script protection, and audience hijacking prevention.

CSA Editorial

Launched in Jan 2018, in partnership with Cyber Security Malaysia (an agency under MOSTI). CSA is a news and content platform focusing on key issues in cybersecurity in the region. CSA is targeted to serve the needs of cybersecurity professionals, IT professionals, Risk professionals and C-Levels who have an obligation to understand the impact of cyber threats.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *