DDOS attacks have increased in number and size this year, report says
The average bandwidth of DDOS attacks increased eightfold during the first three months of 2013, according to Prolexic
IDG News Service - The volume, duration and frequency of distributed denial-of-service (DDOS) attacks used to flood websites and other systems with junk traffic have significantly increased during the first three months of this year, according to a report released Wednesday by Florida-based DDOS mitigation provider Prolexic.
The average attack bandwidth seen by Prolexic during the first quarter of 2013 was 48.25Gbps, an eightfold increase over the last quarter of 2012, when attack bandwidth averaged 5.9Gbps.
A high-profile attack last month against a spam-fighting organization called Spamhaus was reported to have peaked at over 300Gbps, which would make it the largest in history, but its size was grossly overestimated, Prolexic said in its report. However, Prolexic did mitigate a 130Gbps attack in March, it said.
About 25 percent of attacks against Prolexic's customers during the first three months of 2013 were modest and had an average bandwidth of under 1Gbps. However, 11 percent had an average bandwidth of more than 60Gbps, suggesting that attackers are becoming more organized and better equipped to launch large-scale attacks, the company said.
Such large-volume attacks are achieved with the help of botnets composed of compromised Web servers instead of PCs. Once compromised, these servers are controlled via rogue PHP scripts. This is the same method that has been used by a group called Izz ad-Din al-Qassam Cyber Fighters to attack U.S. financial institutions.
It's not just the bandwidth of attacks that increased, but also their packet-per-second (pps) rates, which averaged 32.4 million pps during the first quarter of the year, Prolexic said.
While a large attack bandwidth might overload a target's Internet uplink, leaving it unable to handle other legitimate traffic, a high packet-per-second rate can create problems for the routing and other networking equipment of ISPs, carriers and even DDOS mitigation providers.
"Most mitigation equipment tends to be limited by pps capacity, not Gbps," Prolexic said. "But it's not just mitigation equipment that struggles against these high pps attacks. Even routers that carry traffic to the mitigation gear have trouble with packet rates at this level. As a result, we are entering a situation where simply moving such a large amount of attack traffic to a scrubbing center can be problematic," the company said.
The number of DDOS attacks in Q1 2013 increased by 1.75 percent over the last quarter of 2012 and by 21.75 percent over the same period of last year. Attacks targeting the infrastructure layer represented more than a third of all attacks observed during the first three months of the year, a rise of 3.65 percent over the previous quarter.