• About Us
  • Advertising
  • Digital Magazine
  • Supplements
  • Media Pack
  • Privacy Policy
  • Contact us
CXO Insight Middle East
  • News
  • Opinion
  • Business
    • Industries
      • Transport
      • Retail
      • Government
      • Real Estate
      • Education
      • Energy
      • Banking and Finance
    • Channel
  • Future
    • Tech
    • Gadgets
    • Science
    • Space
    • Sustainability
  • Events
    • Channel Insights Summit 2025
    • Insight Innovation Summit
    • CXO50 Oman
    • CXO50
    • ICT Awards
      • Dubai 2025
      • Saudi Arabia
    • Cyber Strategists Summit
    • Cloud Connect 2025
    • Channel Awards 2024
    • All events
  • GITEX
  • Digital Magazine
No Result
View All Result
CXO Insight Middle East
  • News
  • Opinion
  • Business
    • Industries
      • Transport
      • Retail
      • Government
      • Real Estate
      • Education
      • Energy
      • Banking and Finance
    • Channel
  • Future
    • Tech
    • Gadgets
    • Science
    • Space
    • Sustainability
  • Events
    • Channel Insights Summit 2025
    • Insight Innovation Summit
    • CXO50 Oman
    • CXO50
    • ICT Awards
      • Dubai 2025
      • Saudi Arabia
    • Cyber Strategists Summit
    • Cloud Connect 2025
    • Channel Awards 2024
    • All events
  • GITEX
  • Digital Magazine
No Result
View All Result
CXO Insight Middle East
No Result
View All Result

F5 Labs Releases New Analysis of Security Incident Response Team data

by CXO Staff
April 6, 2021
in News

DoS and password login attacks such as brute force and credential stuffing are on the rise, according to new research from F5 Labs.

DDoS security

According to new research from F5 Labs, Denial-of-Service (DoS) and password login attacks such as brute force and credential stuffing are on the rise. The analysis of three years of incidents reported to the F5 Security Incident Response Team (SIRT) also found that Application Programming Interface (API) attacks are becoming increasingly widespread.

“Attackers, as always, choose the most efficient ways to turn a profit. Our weaknesses are their opportunities. We can definitely expect more password login, DoS and API attacks on the horizon,” said Raymond Pompon, Director of F5 Labs.

F5 Labs found that nearly a third (32%) of all F5 SIRT’s annually reported incidents were DoS attacks.  However, the percentage is creeping up, with 36% of incidents reported in 2020.

Most DoS attacks are network volumetric floods (commonly known as TCP SYN or UDP floods). F5 SIRT also received reports of “Slow POST/Slowloris” attacks, designed to initiate and keep as many of a victim’s connections open as possible. 19% of reported DoS incidents involved attacks on DNS.

DoS attacks were most prominent in the APCJ region, accounting for 57% of its reported SIRT incidents. EMEA was next in the firing line with 47%, followed by the US and Canada (33%) and LATAM (30%). EMEA experienced the biggest jump in its percentage of reported incidents since 2018, rising from 2,2% to 23% in 2020, which represents an eye-catching 945% spike.

The most targeted sectors were service providers and educational institutions, with both reporting DoS attacks as 59% of all incidents. Finance and public sector organisations were the next highest at 36% and 28%, respectively.

The enduring problem of password login attacks

Attacks on password logins continue to grow year-on-year. Despite a slight dip in 2019, F5 Labs noted that password login attacks accounted for 32% of all reported SIRT incidents over the past three years. Separate analysis in the fourth edition of F5’s Phishing and Fraud Report also reflected how phishing incidents rose 220% during the height of the first waves of the COVID-19 pandemic when compared to the yearly average.

Password login attacks were the most reported type of incident in the United States and Canada, representing 45% of all reported incidents. LATAM took second spot (40%), trailed by EMEA (30%) and APCJ (11,7%).

Sector-wise, banking and financial services organisations suffered most (46% of all incidents), followed by the public sector (39%) and service providers (27,8%).

“Financial institutions have got better at defending their systems, but attackers are going after the weakest link: their customers. It’s hard for a financial services organisation to know if a consumer is reusing their password somewhere else, especially somewhere with weaker security,” Pompon explained.

API attacks become more widespread

F5 Labs’ analysis also emphasized the growing problem of attacks on APIs, which are extensively used in the cloud, for mobile apps, in software-as-a-service offerings, and in containers.

Of all reported F5 SIRT incidents, 4% were API-related and, of those, 75% of them were password login attacks. Finance and service providers are the top industries reporting API attacks to the F5 SIRT.

“As APIs are essentially web logins, often password logins grant elevated access to critical applications. What is troubling is that attackers are using password login attacks, such as brute force, knowing full well that 69% of API breaches in 2019 were attributable to poor access control,” said Pompon.

Tags: CybersecurityDoSF5 Labsfeatured3phishingRaymond Pompon
ShareTweet

Related Posts

Massive data breach exposes 16 billion credentials
Future

Massive data breach exposes 16 billion credentials

In what cybersecurity experts are calling possibly the largest credential leak ever, over 16 billion usernames and passwords have been...

June 20, 2025
Pure Storage introduces the Enterprise Data Cloud
Future

Pure Storage introduces the Enterprise Data Cloud

Pure Storage has introduced the Enterprise Data Cloud (EDC), a bold new standard in data and storage management simplicity that...

June 19, 2025

Discussion about this post

Latest Issue

Massive data breach exposes 16 billion credentials

Massive data breach exposes 16 billion credentials

June 20, 2025
Pure Storage introduces the Enterprise Data Cloud

Pure Storage introduces the Enterprise Data Cloud

June 19, 2025
HCLSoftware targets Middle East growth with XDO Framework launch in Dubai

HCLSoftware targets Middle East growth with XDO Framework launch in Dubai

June 18, 2025

The most trusted source of strategic intelligence for IT decision makers in the Middle East.

About

  • About Us
  • Advertising
  • Digital Magazine
  • Supplements
  • Media Pack
  • Contact Us

Policies

  • Privacy Policy

© 2024 – CXO Insight Middle East. All Rights Reserved.

Facebook-f X-twitter Linkedin
Separated they live in Bookmarksgrove right at the coast of the Semantics, a large language ocean. A small river named Duden.

About

  • About Us
  • Site Map
  • Contact Us
  • Career

Policies

  • Help Center
  • Privacy Policy
  • Cookie Setting
  • Term Of Use

Join Our Newsletter

© 2024 – CXO Insight Middle East. All Rights Reserved.

Facebook-f Twitter Youtube Instagram

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
Join our mailing list
Sign up here to get the latest news, updates and special offers delivered directly to your inbox.
No Result
View All Result
  • News
  • Opinions
  • Business
    • Industries
      • Transport
      • Retail
      • Government
      • Real Estate
      • Education
      • Energy
      • Banking and Finance
  • Channel
  • Future
    • Tech
    • Gadgets
    • Science
    • Space
    • Sustainability
  • Events
    • Channel Insights Summit 2025
    • Insight Innovation Summit
    • CX50 Oman
    • CXO50
    • ICT Awards
      • Dubai
      • Saudi Arabia
    • Cyber Strategists Summit
    • Cloud Connect 2025
    • Channel Awards 2023
    • All events
  • Videos
  • GITEX GLOBAL
  • Digital Magazine

© 2024 - CXO Insight Middle East. All Rights Reserved.