DDoS Attacks Go Big in Q1: Report

Monday, June 8, 2015 @ 04:06 PM gHale

Distributed denial-of-service (DDoS) attacks became front and center for IT services and cloud providers in the first quarter, a new survey found.

Q1 cloud providers and IT services underwent the largest volume of DDoS attacks, accounting for more than a third of all attacks and peaking in size at just over 54 Gbps, according to research from VeriSign.

IoT Prevalent, Opens Network to Attack
Industrial Security: A CEO’s Perspective
Realize IIoT Benefits
SCADA Attacks Continue to Rise

“The largest volumetric attack mitigated by Verisign in Q1 was primarily a UDP-reflection attack leveraging the Network Time Protocol (NTP) and Simple Service Discovery Protocol (SSDP) in combination with a lower volume of SYN flood traffic, which peaked at 54 Gbps/18 Mpps,” according to the report. “This attack targeted an IT Services/Cloud/SaaS customer and persisted for approximately four hours.”

The news wasn’t much better for the government and financial services sectors, where the frequency of attacks each grew from 15 percent in Q4 2014 to represent 18 percent of all Verisign mitigations in Q1 2015.

“The public sector and financial services industries continued to experience an uptick in attacks, with each constituting 18 percent of total Q1 2015 mitigations,” said Ramakant Pandrangi, vice president of technology at Verisign. “As noted in last quarter’s report, Verisign believes financial services firms and various international governing organizations may be targeted as part of political activism, or hacktivism. In addition, the ready availability and low cost of DDoS toolkits and DDoS botnets-for-hire is making it easier for actors to launch attacks.”

More than half of all the attacks peaked at more than one gigabit per second (Gbps), with 34 percent peaking between one and five Gbps. Nearly 10 percent of attacks reached more than 10 Gbps. In the case of volumetric DDoS attacks, sizes peaked at 54 Gbps/18 million packets per second (Mpps) for User Datagram Protocol (UDP) floods and 8 Gbps/22 Mpps for Transmission Control Protocol-based attacks.

Overall, VeriSign mitigated more DDoS attacks during the first quarter of 2015 than in any quarter of 2014, and the number of attacks increased seven percent over Q4 of last year.

Click here to view the VeriSign report.