DDOS attacks have increased in number and size this year, report says
The average bandwidth of DDOS attacks increased eightfold during the first three months of 2013, according to Prolexic
IDG News Service - The volume, duration and frequency of distributed denial-of-service (DDOS) attacks used to flood websites and other systems with junk traffic have significantly increased during the first three months of this year, according to a report released Wednesday by Florida-based DDOS mitigation provider Prolexic.
The average attack bandwidth seen by Prolexic during the first quarter of 2013 was of 48.25 Gbps, an eightfold increase over the last quarter of 2012, when attack bandwidth averaged at 5.9Gbps.
The size of a high-profile attack last month against a spam-fighting organization called Spamhaus that was reported to have peaked at over 300Gbps, making it the largest in history, was grossly overestimated, Prolexic said in its report. However, Prolexic did mitigate a 130Gbps attack in March, it said.
About 25 percent of attacks against Prolexic's customers during the first three months of 2013 were modest and had an average bandwidth of under 1Gbps. However, 11 percent had an average bandwidth of more than 60Gbps, suggesting that attackers are becoming more organized and better equipped to launch large-scale attacks, the company said.
Such large-volume attacks are achieved with the help of botnets composed of compromised Web servers instead of PCs. Once compromised, these servers are controlled via rogue PHP scripts. This is the same method that has been used by a group called Izz ad-Din al-Qassam Cyber Fighters to attack U.S. financial institutions.
It's not just the bandwidth of attacks that increased, but also their packet-per-second (pps) rates, which averaged at 32.4 million pps during the first quarter of the year, Prolexic said.
While a large attack bandwidth might overload a target's Internet uplink, leaving it unable to handle other legitimate traffic, a high packet-per-second rate can create problems for the routing and other networking equipment of ISPs, carriers and even DDOS mitigation providers.
"Most mitigation equipment tends to be limited by pps capacity, not Gbps," Prolexic said. "But it's not just mitigation equipment that struggles against these high pps attacks. Even routers that carry traffic to the mitigation gear have trouble with packet rates at this level. As a result, we are entering a situation where simply moving such a large amount of attack traffic to a scrubbing center can be problematic," the company said.
The number of DDOS attacks in Q1 2013 increased by 1.75 percent over the last quarter of 2012 and by 21.75 percent over the same period of last year. Attacks targeting the infrastructure layer represented more than a third of all attacks observed during the first three months of the year, a rise of 3.65 percent over the previous quarter.
- Best iPhone, iPad Business Apps for 2014
- 14 Tech Conventions You Should Attend in 2014
- 10 Desktop Apps to Power Your Windows PC
- How to Add New Job Skills Without Going Back to School
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Who's Spying on You? You're aware of the threats of malware to your business but what about the ever-changing ground rules? Cybercriminals today are launching attacks against...
- Gartner 2013 Magic Quadrant for Enterprise Backup/Recovery Software See why CommVault was positioned as the #1 leader in Gartner's 2013 Magic Quadrant for Enterprise Backup/Recovery software for the 3rd year in...
- Forrester Report: CommVault is a Leader in Enterprise Backup and Recovery In this report, Forrester takes a deep dive into the evaluation criteria, how CommVault is positioned and the features and functionality that make...
- Forrester Wave for Enterprise Backup and Recovery Read this report to see how CommVault continues to outpace its competitors and why Forrester positioned CommVault Simpana as the top backup and...
- Four Myths of High-Productivity App Dev Debunked Debunk the main myths surrounding high-productivity application development and how both platforms have overcome them.
On-Demand Webcast: 7 Reasons to Choose VoIP
Thinking about a new phone system for your business?
Be sure to watch this informative webcast. Steve Strauss, small business columnist for USA...
All Cybercrime and Hacking White Papers |