Content delivery network (CDN) service provider and staunch security advocate Akamai Technologies, Inc. released its Q4 2016 State of the Internet / Security Report. Using data gathered from Akamai Intelligent Platform, which consists of more than 210,000 servers in more than 120 countries all over the world, the quarterly report shows a considerable growth in attacks and threats to security.

This rise may be attributed to the equally rising number of devices. “With the predicted exponential proliferation of these devices, threat agents will have an expanding pool of resources to carry out attacks, validating the need for companies to increase their security investments. Additional emerging system vulnerabilities are expected before devices become more secure,” explained senior security advocate and senior editor Martin McKeay.

The report reveals that unsecured Internet of Things (IoT) devices continue to drive significant DDoS attack traffic. DDoS, or Distributed Denial of Service, is an attack on a network that makes an online service or application unavailable by overwhelming it with traffic from multiple sources. DDoS remains a threat to websites and institutions that allows users to publish and access important information.

Akamai’s Q4 2016 report paints a grim landscape for cybersecurity as attacks greater than 100Gbps increased 140% year-over-year from Q4 2015. Seven out of ten of these 100Gbps-plus attacks are attributable to Mirai, a malware turning Linux-powered computers—predominantly IoT devices—into controlled “bot,” which can then be controlled macro scale. The largest on the said quarter was a 517Gbps Spike DDoS attack. Spike is a non-IoT botnet that has been around for more than two years. The report also mentions trends in web application attacks and top attack vectors. The full Q4 2016 State of the Internet / Security Report is available for download here.

“If anything, our analysis of Q4 2016 proves the old axiom ‘expect the unexpected’ to be true for the world of web security,” McKeay explained. “For example, perhaps the attackers in control of Spike felt challenged by Mirai and wanted to be more competitive. If that’s the case, the industry should be prepared to see other botnet operators testing the limits of their attack engines, generating ever larger attacks.”