Verisign just released its Q2 2017 DDoS Trends Report, which represents a unique view into the attack trends unfolding online, through observations and insights derived from distributed denial of service (DDoS) attack mitigations enacted on behalf of Verisign DDoS Protection Services and security research conducted by Verisign Security Services.
Verisign saw that 25 percent of attacks in Q2 2017 peaked over five Gigabits per second (Gbps); however, the average peak attack size decreased 81 percent compared to the previous quarter. The number of attacks, have also decreased since Q1 2017. Overall, average peak attack sizes have decreased since Q2 2016.
The largest volumetric and highest intensity DDoS attack observed by Verisign in Q2 2017 was a multi-vector attack that peaked approximately 12 Gbps and around 1 Million packets per second (Mpps). This attack sent a flood of traffic to the targeted network for about an hour, abated for an hour, and then set another wave of traffic for an additional hour. The attack was notable because it consisted primarily of a DNS reflective amplification attack in addition to invalid packets.
Key DDoS trends and observations in Q2 2017
- Seventy-four percent of the DDoS attacks mitigated by Verisign in Q2 2017 employed multiple attack types.
- Fifty-seven percent of DDoS attacks were UDP Floods.
- TCP-based attacks were the second most common attack vector, making up 20 percent of attack types in the quarter.
- The IT/Cloud/SaaS industry, representing 52 percent of mitigation activity, was the most frequently targeted industry for the eleventh consecutive quarter. The Financial Sector industry experienced the second highest number of DDoS attacks, representing 31 percent of mitigation activity.
Ransom and Extortion Motivated Attacks
In a digital climate in which avoiding downtime is a competitive advantage, ransom-motivated attacks can be a nightmare for network security teams. DDoS attacks and ransomware attacks are damaging enough when used separately to cripple an organization’s network. However, cybercriminals are becoming more sophisticated and are combining DDoS attacks and ransomware for greater impact.
Read the report to learn more about ransom-motivated attacks and what organizations can do to protect their networks.
For more DDoS Trends in Q2 2017, download the full report, and be sure to check back in a few months when we release our Q3 2017 DDoS Trends Report.