Q4 2017 DDoS Trends Report: Financial Sector Experienced 40 Percent of Attacks

Verisign just released its Q4 2017 DDoS Trends Report, which represents a unique view into the attack trends unfolding online, through observations and insights derived from distributed denial of service (DDoS) attack mitigations enacted on behalf of Verisign DDoS Protection Services and security research conducted by Verisign Security Services.

Download your free copy of the Q4 2017 DDoS Trends Report

Verisign saw that 46 percent of attacks in Q4 2017 employed five or more attack types; however, the number of attacks have decreased since Q3 2017.

The largest volumetric and highest intensity DDoS attack observed by Verisign in Q4 2017 was a multi-vector attack that peaked approximately 53 Gigabits per second (Gbps) and around 5 Million packets per second (Mpps). The attack consisted of a wide range of attack vectors including TCP SYN and TCP RST floods, DNS amplification attacks, Internet Control Message Protocol (ICMP) floods, and invalid packets.

Key DDoS Trends and Observations:

  • Forty-two percent of DDoS attacks were User Datagram Protocol (UDP) floods.
  • Eighty-two percent of DDoS attacks mitigated by Verisign in Q4 2017 employed multiple attack types.
  • The Financial industry, representing 40 percent of mitigation activity, was the most frequently targeted industry for Q4 2017. The IT/Cloud/SaaS industry, previously the most targeted industry, experienced the second highest number of DDoS attacks, representing 33 percent of mitigation activity.

Collaboration is Critical for Effective DDoS Mitigation

Collaboration is vital for effective distributed denial of service (DDoS) mitigation. A mitigation response could often benefit from the involvement of a number of stakeholders. In an ideal scenario, all groups could work to mitigate the DDoS attack and bring the organization’s critical systems back to optimal levels as quickly as possible. This level of complex coordination has traditionally been carried out using telephones and emails. However, there are other options for mitigation providers to help facilitate automated collaboration during a DDoS mitigation. A standard method of signaling for mitigation assistance upstream could simplify and streamline the process of coordinating the many components usually deployed in a DDoS mitigation. This is where DDoS Open Threat Signaling (DOTS) comes into play.

Read the report to learn more about DDoS Open Threat Signaling.

For more DDoS Trends in Q4 2017, download the full report, and be sure to check back in a few months when we release our Q1 2018 DDoS Trends Report.