Verisign just released its Q4 2015 DDoS Trends Report, which provides a unique view into online distributed denial of service (DDoS) attack trends from mitigations enacted on behalf of customers of Verisign DDoS Protection Services and research conducted by Verisign iDefense Security Intelligence Services.
Every industry is at risk as DDoS attacks continue to increase in size, sophistication and frequency. The most notable observation last quarter is the increase in DDoS attack activity, which was at its highest since the inception of Verisign’s DDoS Trends Report in Q1 2014. Comparing year-over-year attack activity, Verisign mitigated 85 percent more attacks in Q4 2015 than in Q4 2014. Some customers were hit with persistent, repeated attacks over the quarter.
Other key trends and observations included:
- The fastest flood attack ever mitigated by Verisign occurred in Q4 2015, sending 125 packets per second (Mpps), and driving a multi-vector, volumetric DDoS attack that peaked at 65 gigabits per second (Gbps).
- Average attack size observed by Verisign continues to be high at 6.88 Gbps, with nearly a third of attacks peaking over 5 Gbps.
- IT Services/Cloud/SaaS, representing 32 percent of mitigation activity in Q4 2015, remains the most frequently targeted industry for the fifth consecutive quarter, closely followed by Media and Entertainment, representing 30 percent of all mitigations.
- User Datagram Protocol (UDP) flood attacks continue to dominate, accounting for approximately 75 percent of attacks in Q4 2015.
Finally, on Nov. 30 and Dec. 1, 2014, many of the Internet’s DNS root name servers, including the A- and J-root servers operated by Verisign, were targets of DNS-based DDoS attacks. This quarter’s report provides an overview of these attacks and the techniques Verisign used to mitigate the large amounts of anomalous traffic.
For more DDoS trends in Q4, download the full report, and be sure to check back in a few months when we release our Q1 2016 DDoS Trends Report.