Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Cloud Providers Hit Hard by DDoS Attacks in Q1: VeriSign

IT services and cloud providers had a tough first quarter as far as dealing with distributed denial-of-service (DDoS) attacks.

IT services and cloud providers had a tough first quarter as far as dealing with distributed denial-of-service (DDoS) attacks.

According to research from VeriSign, in the first quarter of 2015 the company observed that those customers experienced the largest volume of DDoS attacks, accounting for more than a third of all attacks and peaking in size at just over 54 Gbps.

“The largest volumetric attack mitigated by Verisign in Q1 was primarily a UDP-reflection attack leveraging the Network Time Protocol (NTP) and Simple Service Discovery Protocol (SSDP) in combination with a lower volume of SYN flood traffic, which peaked at 54 Gbps/18 Mpps,” according to the report. “This attack targeted an IT Services/Cloud/SaaS customer and persisted for approximately four hours.”

The news wasn’t much better for the government and financial services sectors, where the frequency of attacks each grew from 15 percent in Q4 2014 to represent 18 percent of all Verisign mitigations in Q1 2015.

“The public sector and financial services industries continued to experience an uptick in attacks, with each constituting 18 percent of total Q1 2015 mitigations,” said Ramakant Pandrangi, vice president of technology at Verisign. “As noted in last quarter’s report, Verisign believes financial services firms and various international governing organizations may be targeted as part of political activism, or hacktivism. In addition, the ready availability and low cost of DDoS toolkits and DDoS botnets-for-hire is making it easier for actors to launch attacks.”

More than half of all the attacks peaked at more than one gigabit per second (Gbps), with 34 percent peaking between one and five Gbps. Nearly 10 percent of attacks reached more than 10 Gbps. In the case of volumetric DDoS attacks, sizes peaked at 54 Gbps/18 million packets per second (Mpps) for User Datagram Protocol (UDP) floods and 8 Gbps/22 Mpps for Transmission Control Protocol-based attacks.

Overall, VeriSign mitigated more DDoS attacks during the first quarter of 2015 than in any quarter of 2014, and the number of attacks increased seven percent over Q4 of last year.

Akamai Technologies recently reported an increase in the number of DDoS attacks it dealt as well, with the total number of attacks in Q1 jumping 35 percent compared to the final quarter of 2014. According to Akamai, attackers often used the Simple Service Discovery Protocol (SSDP), which accounted for more than 20 percent of the attack vectors used during the first three months of the year. The company also reported a 22.22 percent increase in application layer (Layer 7) DDoS attacks compared to the fourth quarter of last year.

The VeriSign report can be read here.

Written By

Click to comment

Expert Insights

Related Content

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Cybercrime

A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...

Cybercrime

Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack

Cybercrime

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.

Cybercrime

Chinese threat actor DragonSpark has been using the SparkRAT open source backdoor in attacks targeting East Asian organizations.

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.