DDOS attacks have increased in number and size this year, report says
The average bandwidth of DDOS attacks increased eightfold during the first three months of 2013, according to Prolexic
IDG News Service - The volume, duration and frequency of distributed denial-of-service (DDOS) attacks used to flood websites and other systems with junk traffic have significantly increased during the first three months of this year, according to a report released Wednesday by Florida-based DDOS mitigation provider Prolexic.
The average attack bandwidth seen by Prolexic during the first quarter of 2013 was of 48.25 Gbps, an eightfold increase over the last quarter of 2012, when attack bandwidth averaged at 5.9Gbps.
The size of a high-profile attack last month against a spam-fighting organization called Spamhaus that was reported to have peaked at over 300Gbps, making it the largest in history, was grossly overestimated, Prolexic said in its report. However, Prolexic did mitigate a 130Gbps attack in March, it said.
About 25 percent of attacks against Prolexic's customers during the first three months of 2013 were modest and had an average bandwidth of under 1Gbps. However, 11 percent had an average bandwidth of more than 60Gbps, suggesting that attackers are becoming more organized and better equipped to launch large-scale attacks, the company said.
Such large-volume attacks are achieved with the help of botnets composed of compromised Web servers instead of PCs. Once compromised, these servers are controlled via rogue PHP scripts. This is the same method that has been used by a group called Izz ad-Din al-Qassam Cyber Fighters to attack U.S. financial institutions.
It's not just the bandwidth of attacks that increased, but also their packet-per-second (pps) rates, which averaged at 32.4 million pps during the first quarter of the year, Prolexic said.
While a large attack bandwidth might overload a target's Internet uplink, leaving it unable to handle other legitimate traffic, a high packet-per-second rate can create problems for the routing and other networking equipment of ISPs, carriers and even DDOS mitigation providers.
"Most mitigation equipment tends to be limited by pps capacity, not Gbps," Prolexic said. "But it's not just mitigation equipment that struggles against these high pps attacks. Even routers that carry traffic to the mitigation gear have trouble with packet rates at this level. As a result, we are entering a situation where simply moving such a large amount of attack traffic to a scrubbing center can be problematic," the company said.
The number of DDOS attacks in Q1 2013 increased by 1.75 percent over the last quarter of 2012 and by 21.75 percent over the same period of last year. Attacks targeting the infrastructure layer represented more than a third of all attacks observed during the first three months of the year, a rise of 3.65 percent over the previous quarter.
- Path Selection Infographic Path Selection Infographic
- Hyperconvergence Infographic A wide range of observers agree that data centers are now entering an era of "hyperconvergence" that will raise network traffic levels faster...
- Preparing Your Infrastructure for the Hyperconvergence Era From cloud computing and virtualization to mobility and unified communications, an array of innovative technologies is transforming today's data centers.
- How WAN Optimization Helps Enterprises Reduce Costs If you wanted to break down innovation into a tidy equation, it might go something like this: Technology + Connectivity = Productivity. Productivity...
- Cloud Knowledge Vault Learn how your organization can benefit from the scalability, flexibility, and performance that the cloud offers through the short videos and other resources...
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users? All Cybercrime and Hacking White Papers | Webcasts