NSFOCUS has released its mid-year threat report for 2013

Sep 13, 2013 17:11 GMT  ·  By

Distributed denial-of-service (DDOS) protection solutions provider NSFOCUS has published its mid-year DDOS Threat Report for 2013.

The company’s anti-DDOS analysts have observed 168,459 incidents and determined that, on average, 1.29 DDOS attacks are launched worldwide every two minutes.

Another interesting observation made by NSFOCUS is the fact that the media mostly focuses on DDOS attacks launched by hacktivists, despite the fact that most operations are launched by profit-driven cybercriminals.

According to the report, 91.1% of all the DDOS events covered by the media focused on hacktivism, followed by business crime (4.4%), and cyber war (2.2%).

Operation Ababil launched by Izz ad-Din al-Qassam Cyber Fighters and the attack against Spamhaus, which experts named as being the biggest attack in history, were the most popular among media outlets.

When it comes to the characteristics of the DDOS attacks observed by NSFOCUS, most of them used TCP Flood (38.7%) and HTTP Flood (37.2%) as attack methods. A majority of the attacks were short and small, over 93% of them lasting for less than 30 minutes, and 80.1% of them maintaining a traffic rate of less than 50 Mbps.

Hybrid attacks are becoming more and more prevalent. Experts say that the most common combination is ICMP+TCP+UDP Flood.

It’s also worth noting that 68.7% of the targets were hit by more than one attack. This represents a 30% increase compared to last year. The number of organizations that suffered only one DDOS attack (31.3%) decreased by 19.4% compared to 2012.

“Profit-driven cybercriminals pay close attention to ‘hackernomics,’ deploying whatever form of attack causes the most damage with minimal effort,” commented Frank Ip, vice president of U.S. operations for NSFOCUS.

“For this reason, we expect application-layer attacks to remain the most common method of attack in the near term, and we anticipate a greater adoption of this method in the future.”