Q2 DDoS Attacks Decline

Monday, July 21, 2014 @ 12:07 PM gHale

Distributed denial-of-service (DDoS) attacks in the second quarter decreased in intensity and frequency, compared to Q1, a new report found.

The average size of the DDoS incidents recorded in Q2 2014 was of 759.83 Mb/s, 47 percent less compared to the first quarter of the year, while the peak reached just 154.69 Gb/s, a little more than half of that recorded in Q1, according to the report from security provider Arbor Networks.

RELATED STORIES
Breach Alert: Critical Infrastructure at 70%
Data Breaches: Not Learning from History
Sounding Off on Internet of Things
BYOD Use Surging; Policy Usage Weak

Their systems registered a fall in the number of NTP reflection attacks, probably caused by the continued efforts to raise awareness about the flaw in the Network Time Protocol allowing amplification of a DDoS.

However, although incidents leveraging NTP amplification are dwindling, that does not mean they are going away. In fact, they still remain significant.

The largest NTP attack in the second quarter of 2014 lasted for 25 minutes, it was 154GB large and it targeted a victim in Spain, according to telemetry from Arbor Networks.

The amount of attacks driving more than 100Gb/s of junk data to the systems of a victim dropped to 39, while in the first quarter the number was almost twice as large (72).

In June 2014, the average of NTP amplification was 32.3Gbps. In February, the number was at 351.64 Gbps.

Most of the incidents had a duration consistent with the telemetry from the first months of the year, lasting less than an hour. However, the average has increased from 60 minutes in Q1, to 72 minutes.

As far as the sources of the attacks go, Arbor Networks found South Korea as the leading location; the information takes into consideration the fact the origin of 34 percent of the incidents was not immediately available because of data anonymization or distribution. The U.S. came in second and China took the third spot.

The most targeted victims were in the same countries, but the U.S. is in first place, followed by China and South Korea.

The company also offers some year on year information, revealing a clear increase in the duration of the attacks and their intensity. So far, the largest volumetric DDoS attack in 2014 lasted for four hours and 22 minutes and was 325Gb/s in size (NTP); the victim was in France.

The largest application layer attack recorded no less than 94.42 Mpps, occurred over port 80 and lasted for 7 minutes; the victim was from the United States.

Click here to view the full report from Arbor Networks.



Leave a Reply

You must be logged in to post a comment.