DDoS Attackers Change Tactics

Friday, October 25, 2013 @ 07:10 PM gHale

Attackers are very good at changing up any kinds of routines to throw off their victims as much as possible and last quarter was no exception.

That is because distributed denial of service (DDoS) attackers changed tactics in the third quarter this year in an effort to boost attack sizes and hide their identities, according to security provider Prolexic.

Google Offers DDoS Protection
Preliminary Cybersecurity Framework Released
ICS Cyber Security Lifecycle
RISI: Industry Attacks Growing

“This quarter, the major concern is that reflection attacks are accelerating dramatically, increasing 265 percent over Q3 2012 and up 70 percent over Q2,” said Stuart Scholly, president of Prolexic. “The bottom line is that DDoS attackers have found an easier, more efficient way to launch high bandwidth attacks with smaller botnets and that’s concerning.”

Attackers are chomping at the bit to send out distributed reflection denial of service (DrDoS) attacks as they obscure the source of the attack, while enabling the bandwidth of intermediary victims to multiply the size of the attack. In DrDos attacks, there are two victims, the intended target and the intermediary that is unknowingly supporting the attack.

The number of attacks against Prolexic clients in Q3 2013 remained high and represented the highest total for one quarter. This occurrence illustrates a consistently heightened level of DDoS activity around the world over the last six months. Of note, more than 62 percent of Q3 DDoS attacks originated from China, far surpassing all other countries.

For the quarter, peak bandwidth averaged 3.06 Gbps and peak packets-per-second (pps) averaged 4.22 Mpps. The largest attack Prolexic mitigated during Q3 hit a European media company, peaking at 120 Gbps.

Compared this past quarter to the pervious quarter there was a:
• 1.58 percent increase in total DDoS attacks
• 6 percent decrease in application layer (Layer 7) attacks
• 4 percent increase in infrastructure (Layer 3 & 4) attacks
• 44 percent decrease in the average attack duration: 21.33 hours vs. 38 hours.

Compared to the year ago quarter there was a:
• 58 percent increase in total DDoS attacks
• 101 percent increase in application layer (Layer 7) attacks
• 48 percent increase in infrastructure (Layer 3 & 4) attacks
• 12.3 percent increase in the average attack duration: 21.33 hours vs. 19 hours.

Leave a Reply

You must be logged in to post a comment.