DDoS Attacks Shorter, Repeated Frequently in 1H 2014: Report

High-Volume, High-Rate DDoS Attacks Increase in First Half of 2014

Distributed denial-of-service (DDoS) mitigation solutions provider NSFOCUS has released a report documenting the attacks and attack trends from the first half of 2014.

The analysis of attacks tracked by the NSFOCUS Threat Response and Research (TRR) team and attacks mitigated by the NSFOCUS Managed Security Service (MSS) team for the company’s customers shows that high-rate, high-volume attacks have increased. More precisely, one third of attacks peaked at 500Mbps, while over 5% of them reached 4Gbps.

Half of the DDoS attacks analyzed by NSFOCUS were launched at a rate of over 0.2Mpps (million packets per second). This is a considerable increase compared to the previous period when it was roughly 16%. More than 2% of attacks were launched at a rate of over 3.2Mpps in the first half of this year, the company said.

According to the report released Sept. 23, a majority of the attacks (more than 90%) lasted less than 30 minutes, but were repeated frequently. Such operations can result in significant damage for organizations that need to provide services without interruption, such as hosting services, e-commerce websites and online gaming platforms. 

More than 42% of the organizations monitored by the DDoS protection company were hit more than once, and 2.5% were attacked more than 10 times. The highest number of DDoS attacks launched against the systems of a single organization was 68, the company said.

NSFOCUS’s data shows that attacks against certain sectors increased considerably in the first half of 2014. Attacks targeting ISPs increased by 87.2%, ones aimed at enterprises by 100.5%, and against online gaming services by 60%.

HTTP Flood, DNS Flood and TCP Flood accounted for almost 85% of all attacks, with DNS Floods continuing to be the preferred method of attack, NSFOCUS said.

The longest attack observed by the company lasted for 9 days and 11 hours, and the largest single attack reached a rate of 23 Mpps.

“NSFOCUS has maintained a continuous review of DDoS attacks over recent years, and we have observed that the trends constantly change as attacks morph and hacker behavior evolves. To stay ahead of these trends, we strongly encourage our customers to take a defensive approach in identifying and mitigating these threats before they happen,” advised Terence Chong, solutions architect at NSFOCUS.

Earlier this month, Akamai Technologies published an advisory to warn enterprises that attackers are launching DDoS attacks with the aid of Linux malware installed on servers running vulnerable software.

The complete NSFOCUS mid-year threat report is available online.

 

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
