NTP reflection DDoS attacks were the most popular vector

Jun 7, 2016 21:45 GMT

With the proliferation of dirt-cheap DDoS stressers (booters), criminals are finding it easier than ever to launch DDoS attacks, as Akamai reveals in its latest State of the Internet - Security Report for Q1 2016.

The company says it detected and mitigated 4,523 attacks. Of these, 19 had a total bandwidth exceeding 100 Gbps, falling into the category of mega-DDoS attacks, of which Akamai identified only 8 in the previous quarter, Q4 2015.

Akamai has some theories about why this happened and says that a big role was played by the increased popularity of DDoS tools called stressers, or booters, which make launching DDoS attacks child's play.

Mitigating multi-vector DDoS attacks is a lot harder

These stressers, besides growing in number, have also started adding support for multi-vector attacks. While in the past stressers could launch one particular type of DDoS attack, almost all DDoS-for-hire offerings now provide multiple types of attack vectors, all easy to combine.

Multi-vector DDoS attacks are increasingly difficult to mitigate since each attack vector requires its own set of protections. Companies don't have the resources to buy full DDoS protection, or they don't have the staff to constantly mitigate ever-changing DDoS attack vectors.

Most of the detected attacks were reflection DDoS, in which crooks leveraged vulnerable servers to bounce traffic off them toward their target, sometimes even amplifying it along the way thanks to bugs in various protocols.

NTP DDoS attacks accounted for 59% of all reflection attacks

Akamai says that almost two-thirds of all reflection DDoS attacks were carried out via the NTP protocol, followed by DNS.

The online gaming sector was the hardest hit in Q1 2016, accounting for 55 percent of all the attacks. For industry specialists, this is no surprise, since gaming servers have been among the top three most-hit industries for years.

Akamai says the biggest attack it saw in Q1 peaked at 230 Gbps and was aimed at a company in the media industry. The company may be referring to the huge DDoS attack that downed the BBC on January 1, carried out by New World Hackers with their newly launched Bangstresser DDoS tool.

As for the main sources of these attacks, Akamai in many cases points the finger at groups like Anonymous, who often glamorize these operations and even spread the message about DDoS-for-hire services or DDoS stressers.

You can find out more statistics about DDoS attacks during the first three months of the year from Akamai's Q1 2016 State of the Internet - Security Report.

DDoS attacks in Q1 2016 infographic