The average distributed denial-of-service attack grows stronger, though

Jul 23, 2014 14:22 GMT

A fresh report from Prolexic shows that the number of distributed denial-of-service (DDoS) attacks for the second quarter of 2014 is lower, and that they were less powerful when compared to the first quarter.

Prolexic, an Akamai subsidiary offering solutions for mitigating DDoS incidents at the network, transport and application layers, released new information regarding the latest trends in this type of attack.

Compared to Q1 2014, the number of DDoS events recorded by its systems dropped, but only by 0.2%.

More significant is the data on the bandwidth used in an average event, which was 14% lower in Q2; the application layer (Layer 7) also recorded a drop, of 15%. Along the same lines, the average peak bandwidth was lower by 36%.

The average duration of an attack was similar for the two quarters of the first half of 2014, with a difference of only 0.2%. On average, the incidents lasted for 17.38 hours in Q1 and for 17.35 hours in Q2.

“Infrastructure-based attacks became even more popular among malicious actors, continuing to rise beyond Q1 levels with a further increase of 2 percent. These volumetric attacks can take out an entire data center by exhausting its incoming network bandwidth, as compared to other DDoS methods that may target a single server.

“Infrastructure attacks are typically easier for an attacker to launch and require fewer resources through the use of reflection and amplification techniques against open and vulnerable servers,” says the report.

On the other hand, the researchers recorded an expected decline in NTP (Network Time Protocol) as a vector, thanks to continuous patching of these servers. Prolexic expects a further decrease in this regard, as more public NTP servers receive the latest patch.

Reflection-based incidents relying on Simple Network Management Protocol (SNMP) floods occurred more often lately (representing 3% of the total), as did SYN floods, which recorded a 45% increase compared to the first quarter of the year.

However, the average bandwidth was higher, despite the fact that the 200Gbps limit reached in Q1 was not attained, suggesting that DDoS attacks became more powerful.

The most targeted industry for the second quarter of the year was by far gaming (45.63%), followed by software and technology (22.29%) and media and entertainment (15.21%).

Contrary to the report from Arbor Networks, which showed South Korea as the top source of DDoS incidents, Prolexic puts the United States in the first position (20.26%), followed by Japan (18.16%) and China (12.30%).

From the data collected by Prolexic, DDoS attacks are becoming more sophisticated and more powerful. The conclusion of the report is that standard defenses are already challenged and will soon fail in the face of these incidents.