The majority of DDoS attacks are short in duration and repeated frequently, according to a newly issued 2014 Mid-Year Threat Report from NSFOCUS, which specializes in distributed denial of service (DDoS) mitigation solutions.
However, the number of high-volume and high-rate DDoS attacks continued to rise in the first half of 2014 as well. The report drew on statistical analysis of actual DDoS attacks.
Some of the key findings from the report include:
- Attacks continue to be short in duration with repeated frequency: More than 90 percent of attacks detected lasted less than 30 minutes. This ongoing trend indicates that latency-sensitive websites, such as online gaming, eCommerce and hosting service should be prepared to implement security solutions that support rapid response.
- High-rate, high-volume attacks increased: DDoS traffic volume was up overall with a third peaking at over 500Mbps and more than five percent reaching up to 4Gbps. In addition, findings showed that over 50% DDoS attacks were above 0.2Mpps in the first half of 2014, increasing from around 16%. And over 2% of DDoS attacks were launched at a rate of over 3.2Mpps.
- Top three DDoS attack methods revealed: HTTP Flood, TCP Flood and DNS Flood were the top three attack types, together making up 84.6 percent of all attacks. DNS Flood attacks held their place as the most popular attack method, accounting for 42 percent of all attacks. While the number of DNS and HTTP Flood attacks decreased, TCP Flood attacks grew substantially.
- Increase in ISPs, enterprises and online gaming targets: Attacks targeting ISPs increased by 87.2 percent, enterprises by 100.5 percent and online gaming by 60 percent.
- Longest, largest and highest-frequency attacks: The longest single attack lasted nine days and 11 hours, or 228 hours, while the single largest attack in terms of packet-per-second (pps) hit at a volume of 23 million pps. More than 42 percent of attack victims were targeted multiple times while one in every 40 victims was repeatedly hit more than 10 times. The highest frequency of attacks experienced by a single victim was 68 separate DDoS attacks.
“NSFOCUS has maintained a continuous review of DDoS attacks over recent years, and we have observed that the trends constantly change as attacks morph and hacker behavior evolves. To stay ahead of these trends, we strongly encourage our customers to take a defensive approach in identifying and mitigating these threats before they happen,” stated Terence Chong, Solutions Architect, NSFOCUS.
