DDoS Victims Hit Multiple Times

Tuesday, October 3, 2017 @ 02:10 PM gHale


There was an increase in the amount of distributed denial of service (DDoS) application layer attacks in the second quarter compared to last year, with three quarters of victims subjected to multiple attacks, according to a report.

That was a big jump from 2016 when 43.2 percent of targets suffered from multiple attacks in the second quarter, according to Imperva’s Global DDoS Threat Landscape for Q2 2017.

RELATED STORIES
DNS Security Very Reactionary
Corporations Unprepared for Emergencies
Manufacturing Open to Attacks: Report
DDoS Attacks Use Multiple Vectors

The number of application layer attacks observed each week reached 973 in Q2 2017, down from 1,099 per week in the previous quarter. The number of mitigated network assaults decreased as well, falling from 296 per week in the prior quarter to only 196 per week, the report found.

The largest network layer attack Imperva mitigated was 350 Gbps (gigabit per second) and employed a tactic called a pulse wave attack. This method of launching DDoS attacks can be used to pin down multiple targets with alternating high-volume bursts.

Imperva’s report also found United States websites were hit the most with repeat application layer attacks. While the global percentage of targets hit multiple times is of 75.8 percent, the amount increases to 80.3 percent when U.S. websites are in play. The majority of targets that suffered 50 or more attacks were hosted in the U.S.

Multi-vector attacks went down significantly during the quarter, to only 21.7 percent, after reaching a record high 40.5 percent during the previous quarter. The decrease seems to come from the steep drop in two-vector assaults, which fell from 33.5 percent to 9.4 percent quarter over quarter. 78.3 percent of all attacks consisted of a single vector, the company reveals.

The quarter also marked a continuation of a trend toward short burst network layer attacks (91.7 percent of assaults lasted less than an hour). Most of these attacks can be attributed to botnet-for-hire, but pulse wave assaults and probing attempts also added to the numbers. Overall, 82.5 percent of attacks lasted less than 30 minutes, while the longest attack of Q2 2017 lasted for more than 147 hours.

The largest application layer attack observed during the quarter peaked at 89,134 requests per second, which was merely half of the 176,393 RPS attack registered during the previous quarter. The attack, though, lasted for 48 days, which was more than twice as long as the one in Q1 2017.



Leave a Reply

You must be logged in to post a comment.