Global DDoS attacks surge 57% yoy in Q4: Report

Akamai Technologies observed 57 percent more DDoS attacks during Q4 2014, compared to Q4 a year ago. Also, the quarter saw 52 percent increase in average peak bandwidth of DDoS attacks. Large packets of unwanted network traffic can quickly sap an enterprise’s ability to respond to legitimate customers, resulting in denial of service outages, said the company’s ‘Q4 2014 State of the Internet – Security Report’. [caption id=“attachment_2008047” align=“alignleft” width=“380”] Reuters[/caption] “An incredible number of DDoS attacks occurred in the fourth quarter, almost double what we observed in Q4 a year ago,” said John Summers, vice president, Cloud Security Business Unit, Akamai. “Denial of service is a common and active threat to a wide range of enterprises. The DDoS attack traffic was not limited to a single industry, such as online entertainment that made headlines in December. Instead, attacks were spread among a wide variety of industries.” “Most unprotected sites cannot withstand a typical DDoS attack. As a result, DDoS attacks have become part of the common cybersecurity threatscape that all enterprises with an online presence must anticipate in a risk assessment.” Resourceful DDoS-for-hire booter suites took a low-investment approach by tapping into reflection-based DDoS attacks. Nearly 40 percent of all DDoS attacks used reflection techniques, which rely on Internet protocols that respond with more traffic than they receive and do not require an attacker to gain control over the server or device. Widespread availability of for-hire DDoS services allowed low-level, non-technical attackers to purchase ready-to-use DDoS services. The expansion of the DDoS-for-hire market also promoted the use of multi-vector campaigns, as the competitive market drove attack innovation. Significantly more multi-vector attacks were observed – 88 percent more than in Q4 2013. More than 44 percent of all attacks used multiple attack vectors. The timing of DDoS attacks was distributed more evenly in Q4, a DDoS trend that appears to be fueled by an increasing number of targets of greater value in previously underrepresented geographic locations. In addition, geographical sources of malicious traffic have shifted. The United States and China continued as the lead source countries for DDoS traffic, but instead of the Brazil, Russia, India and China (BRIC) block that dominated in Q3 2014, Q4 DDoS attack traffic came in large part from the United States, China and Western Europe. Some of the highlights on year-over-year basis include: 77 percent decrease in average peak packets per second; 51 percent more application layer attacks; 58 percent more infrastructure layer attacks; 28 percent increase in average attack duration; 84 percent more multi-vector attacks; and 200 percent increase in 100+ Gbps attacks.