SecurityWeek

Record Number of 100+ Gbps DDoS Attacks Hit in Q1 2016: Akamai

Dominated by an overall increase in the number of distributed denial of service (DDoS) attacks, the first quarter of the year also saw a record number of attacks (19) larger than 100 Gbps, a recent report from Akamai reveals.

According to the company’s State of the Internet – Security Report, there was a 125.36% increase in total DDoS attacks and a 142.14% increase in infrastructure layer (layers 3 & 4) attacks in Q1 2016 compared to the same period of last year. The average attack duration, however, showed a 34.98% decrease, from 24.82 hours to 16.14 hours, the report reveals.

The most important change, however, is a 137.5% increase in 100+ Gbps attacks year-over-year to a record 19 attacks, a number that also marks a 280% increase over the fourth quarter of 2015. Quarter over quarter, the total number of DDoS attacks went up 22.47%, infrastructure layer incidents grew 23.17%, and the average attack duration went up 7.96% (16.14 vs. 14.95 hours).

The use of stresser/booter-based botnets also increased in Q1, and Akamai says that most of the 19 “mega-attacks” observed in the timeframe appeared to be powered by tools common to booters/stressers. The largest DDoS attack in the quarter measured 289 Gbps, six incidents exceeded 30 million packets per second (Mpps), while two attacks peaked at more than 50 Mpps, the report reveals.

The software & technology, gaming, and media & entertainment sectors were affected the most during the quarter, Akamai says. The online gaming sector was hit hard in the three-month period, accounting for 55% of all DDoS incidents.

The first three months of the year also marked a 25.52% increase in total web application attacks over the previous three-month period, as well as a 235.99% increase in web application attacks over HTTPS. SQLi attacks went up 87.32%, while the number of web application attacks over HTTP went down 1.77% compared to the previous quarter.

The report also reveals that 59% of the total of 4,523 DDoS attacks that Akamai mitigated during the first quarter of the year were multi-vector attacks, a continuation of a trend observed in the previous quarter, supposedly fueled by increasingly sophisticated attack tools. 59% of reflection DDoS attacks were NTP reflectors, marking an increase of 72% compared with Q4 2015.

According to the report, China was the largest source of DDoS attacks in Q1, accounting for 27% of attacks, while the United States came in second with 17%, followed by Turkey with 10%. However, the US accounted for the largest share of web application attack source traffic (43%), followed by Brazil at 12%, and China and the Netherlands at 8% each. Romania (7%), Russia, the UK (6% each), Germany (4%), and Ukraine and India (3% each) rounded out the top 10.

In April, security researchers at Imperva detailed a massive Layer 7 DDoS attack that peaked at 8.7 Gbps, although such attacks rarely rise above 500 Mbps. In February, Sucuri researchers revealed that tens of thousands of WordPress websites were being used to launch Layer 7 DDoS attacks.
