Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Network Security

DDoS Attacks Shorter, Repeated Frequently in 1H 2014: Report

High-Volume, High-Rate DDoS Attacks Increase in First Half of 2014

Distributed denial-of-service (DDoS) mitigation solutions provider NSFOCUS has released a report documenting the attacks and attack trends from the first half of 2014.

High-Volume, High-Rate DDoS Attacks Increase in First Half of 2014

Distributed denial-of-service (DDoS) mitigation solutions provider NSFOCUS has released a report documenting the attacks and attack trends from the first half of 2014.

The analysis of attacks tracked by the NSFOCUS Threat Response and Research (TRR) team and attacks mitigated by the NSFOCUS Managed Security Service (MSS) team for the company’s customers shows that high-rate, high-volume attacks have increased. More precisely, one third of attacks peaked at 500Mbps, while over 5% of them reached 4Gbps.

Half of the DDoS attacks analyzed by NSFOCUS were launched at a rate of over 0.2Mpps (million packets per second). This is a considerable increase compared to the previous period when it was roughly 16%. More than 2% of attacks were launched at a rate of over 3.2Mpps in the first half of this year, the company said.

According to the report released Sept. 23, a majority of the attacks (more than 90%) lasted less than 30 minutes, but were repeated frequently. Such operations can result in significant damage for organizations that need to provide services without interruption, such as hosting services, e-commerce websites and online gaming platforms. 

 More than 42% of the organizations monitored by the DDoS protection company were hit more than once, and 2.5% were attacked repeatedly over 10 times. The highest number of DDoS attacks launched against the systems of a single organization was 68, the company said.

NSFOCUS’s data shows that attacks against certain sectors increased considerably in the first half of 2014. Attacks targeting ISPs increased by 87.2%, ones aimed at enterprises by 100.5%, and against online gaming services by 60%.

HTTP Flood, DNS Flood and TCP Flood accounted for almost 85% of all attacks, with DNS Floods continuing to be the preferred method of attack, NSFOCUS said.

Advertisement. Scroll to continue reading.

The longest attack observed by the company lasted for 9 days and 11 hours, and 23 Mpps was the rate of the largest single attack.

“NSFOCUS has maintained a continuous review of DDoS attacks over recent years, and we have observed that the trends constantly change as attacks morph and hacker behavior evolves. To stay ahead of these trends, we strongly encourage our customers to take a defensive approach in identifying and mitigating these threats before they happen,” advised Terence Chong, solutions architect at NSFOCUS.

Earlier this month, Akamai Technologies published an advisory to warn enterprises that attackers are launching DDoS attacks with the aid of Linux malware installed on servers running vulnerable software.

The complete NSFOCUS mid-year threat report is available online.

 

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.

Register

Learn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.

Register

People on the Move

After the passing of Amit Yoran, Tenable has appointed Steve Vintz and Mark Thurmond as co-CEOs.

Former Wiz executive Trish Cagliostro has joined Orchid Security as Chief Revenue Officer.

Transcend has named former UnitedHealth Group CISO Aimee Cardwell as CISO in Residence.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.