Global internet traffic surged by 25% in 2023, with the number of internet users worldwide reaching 5.3 billion. This growth was fueled by various factors, including the expansion of services like Google and OpenAI, and the introduction of fast Internet in previously unserved regions by SpaceX’s Starlink.
The increase in internet traffic was most noticeable in countries newly served by Starlink. For instance, in Brazil, traffic escalated 17 times throughout the year. This growth in connectivity has been instrumental in bridging the digital divide, bringing the internet to regions previously unserved.
Other factors driving this growth are increased reliance on online services, remote work, and booming e-commerce. However, this rapid expansion comes at a cost: a rise in internet outages and heightened security concerns.
Cloudflare, a leading internet infrastructure and security company, recently released its annual report highlighting key trends:
- Outages on the Rise: Despite the growth, the internet is becoming increasingly vulnerable, with Cloudflare reporting 180 incidents involving large-scale outages. Government sanctions, natural disasters, and cyberattacks all contribute to network disruptions.
- Starlink Shines: SpaceX’s Starlink satellite internet service has brought high-speed internet to previously underserved regions, with traffic tripling in some countries like Brazil.
- Iceland Leads in Quality: Iceland boasts the highest quality internet thanks to its extensive fiber optic network.
- HTTP/3 Adoption Grows: The latest HTTP/3 protocol is gaining traction, serving a fifth of total traffic and particularly prevalent in regions with outdated equipment.
- IPv6 Still Lagging: The next-generation IPv6 protocol, despite being around for decades, faces slow adoption, though countries like India and Malaysia are leading the way.
- Android Dominates Mobile: Android devices generate two-thirds of global mobile internet traffic, with some regions like Bangladesh and Papua New Guinea reaching over 90% share, primarily due to the affordability of devices. In contrast, up to 70% of mobile traffic in Denmark, Australia, and Japan came from Apple iPhones.
- Post-Quantum Encryption on the Rise: With Chrome and other browsers receiving updates, the use of post-quantum encryption technologies in TLS 1.3 traffic is expected to boom in the coming year.
- Cybercriminals Shift Strategies: While phishing emails are declining, extortion attempts are rising. Additionally, malicious bot traffic increasingly originates from major cloud providers like Amazon Web Services and Google.
- US leads in bot activity: Nearly a third of all bot traffic originates from the United States.
These findings paint a complex picture of the internet’s current state. While the rapid growth presents immense opportunities, it also demands urgent attention to infrastructure upgrades, security enhancements, and global accessibility. Addressing these challenges requires collaboration between governments, internet service providers, and technology companies to ensure a more resilient and secure online future for everyone.
Additional key points:
- Iraq shut down the internet for several hours to prevent exam cheating, highlighting the use of internet access as a tool for control.
- The report underscores the need for continued investment in fiber optic networks for superior internet quality.
- Cloudflare’s report serves as a valuable resource for understanding the current state of the internet and anticipating future trends.
The report cited 180 incidents involving large-scale internet outages. These outages were caused by various factors, ranging from government sanctions, as seen in Mauritania and Gabon, to natural disasters like the Guam typhoon in May. In some cases, authorities shut down the internet for several hours to prevent exam cheating, as happened in Iraq.
Cloudflare played a significant role in managing this surge in internet traffic. The company processed approximately 13 billion emails, blocking around 250 million malicious messages from reaching customers’ inboxes. In Q2 2023 alone, Cloudflare blocked an average of 112 billion cyber threats each day.
Looking forward, nearly 2% of all TLS 1.3 traffic is expected to use post-quantum encryption technologies. This number is expected to grow rapidly over the next year as Chrome and other browsers are updated. As the digital landscape continues to evolve, companies like Cloudflare will play a crucial role in managing internet traffic and ensuring the security of online data.
Phishing Threats on the Rise: Cloudflare’s 2023 Report Unveils New Trends
Cloudflare also released its inaugural 2023 Phishing Threats Report. The report provides an in-depth analysis of the key phishing trends and offers recommendations based on email security data from May 2022 to May 2023. The report analyzed millions of email threat indicators and identified several key findings:
Increased Phishing Attempts:
- A 25% increase in phishing attacks compared to the previous year, with over 250 million malicious messages detected.
- Phishing emails impersonating well-known brands remain a major threat, with Microsoft being the most impersonated brand.
Identity Deception:
- A significant rise in identity deception tactics, with 14.2% of detections involving impersonation attempts.
- Attackers are increasingly sophisticated in crafting convincing emails that appear to be from trusted sources.
Evolving Techniques:
- A shift towards the use of social engineering and emotional manipulation to trick victims into clicking on links or providing sensitive information.
- Phishers are also leveraging new technologies, such as AI-powered content generation, to create more believable and effective attacks.
Financial Losses:
- Phishing attacks continue to cause significant financial losses for individuals and businesses.
- The report estimates that phishing scams cost businesses over $30 billion annually.
Regional Variations:
- Phishing activity varies significantly across different regions of the world.
- North America and Europe are the most targeted regions, while Africa and South America see the least phishing activity.
Top Industries Targeted:
- Technology, finance, and retail are the top industries targeted by phishing attacks.
- This is likely due to the sensitive personal and financial information held by these industries.
Deceptive Links: The #1 Phishing Tactic
The report reveals that attackers primarily use deceptive links as their phishing tactic. These links are designed to appear authentic and legitimate to the victims, persuading them to click. Malicious links were the #1 threat category, comprising 35.6% of detected threats.
Rise in Identity Deception Threats
Identity deception threats, including business email compromise (BEC) and brand impersonation, are on the rise. These threats can easily bypass email authentication standards. The report noted an increase in identity deception threats from 10.3% to 14.2% of total detections.
Brand Impersonation: A Common Strategy
Attackers impersonated more than 1,000 different organizations in over 1 billion brand impersonation attempts. The most impersonated brand was Microsoft, followed by other well-known brands like Google, Salesforce, and Notion.so.
Newly Registered Domains: A Growing Concern
One-third (30%) of detected threats featured newly registered domains, making it the #2 threat category. These domains are often used by attackers to carry out phishing campaigns.
The Role of Email Authentication
Despite the implementation of email authentication checks like SPF, DKIM, or DMARC, the vast majority (89%) of unwanted messages passed these checks. This highlights the limitations of these checks in preventing phishing threats.
Cloudflare’s Recommendations:
- To combat the growing threat of phishing, Cloudflare recommends that individuals and businesses implement the following measures:
- Use strong passwords and enable two-factor authentication.
- Be cautious of unsolicited emails and links, and avoid clicking on attachments or links from unknown senders.
- Regularly update software and operating systems.
- Employ email security solutions that can detect and block phishing attempts.
