Q3 2016 DDoS Trends Report: UDP Flood Attacks Make Up 49 Percent of Attacks

Verisign just released its Q3 2016 DDoS Trends Report, which provides a unique view into online distributed denial of service (DDoS) attack trends from mitigations enacted on behalf of Verisign DDoS Protection Services and research conducted by Verisign iDefense Security Intelligence Services.

User Datagram Protocol (UDP) flood attacks continue to dominate in Q3 2016, making up 49 percent of the total attacks in the quarter. The most common UDP floods mitigated were Domain Name System (DNS) reflection attacks, followed by Network Time Protocol (NTP) reflection attacks.

The highest intensity flood attack in Q3 2016 was a TCP SYN flood that peaked at approximately 60 Gigabits per second (Gbps) and 150 Million packets per second (Mpps). This flood attack is one of the highest packets per second attacks ever observed by Verisign, surpassing the previous flood of 125 Mpps mitigated by Verisign in Q4 2015.

The largest attack in Q3 2016 utilized the Generic Routing Encapsulation (GRE) protocol (IP protocol 47) and peaked at 250+ Gbps and 50+ Mpps. This is the first time Verisign observed this type of attack against our customer base.

(more…)

Defending Against Layer 7 DDoS Attacks

Layer 7 attacks are some of the most difficult attacks to mitigate because they mimic normal user behavior and are harder to identify. The application layer (per the Open Systems Interconnection model) consists of protocols that focus on process-to-process communication across an IP network and is the only layer that directly interacts with the end user. A sophisticated Layer 7 attack may target specific areas of a website, making it even more difficult to separate from normal traffic. For example, a Layer 7 DDoS attack might target a website element (e.g., company logo or page graphic) to consume resources every time it is downloaded with the intent to exhaust the server. Additionally, some attackers may use Layer 7 DDoS attacks as diversionary tactics to steal information.

(more…)

Verisign Q2 2016 DDoS Trends: Layer 7 DDoS Attacks a Growing Trend

Verisign just released its Q2 2016 DDoS Trends Report, which provides a unique view into online distributed denial of service (DDoS) attack trends from mitigations enacted on behalf of customers of Verisign DDoS Protection Services and research conducted by Verisign iDefense Security Intelligence Services.

Every industry is at risk as DDoS attacks continue to increase in frequency, consistency and complexity. Comparing year-over-year attack activity, Verisign mitigated 75 percent more attacks in Q2 2016 than in Q2 2015. The largest attack mitigated by Verisign in Q2 2016 peaked at 250+ Gbps before settling in at 200+ Gbps for almost two hours.

Verisign also observed a growing trend of low-volume application layer, or Layer 7, attacks that probe for vulnerabilities in application code and exploit HTTP/S field headers within request packets to disable applications. These attacks were frequently coupled with high-volume UDP flood attacks to distract the victim from the Layer 7 attack component, often requiring multiple and advanced filtering techniques.

(more…)

Verisign Q1 2016 DDoS Trends: Attack Activity Increases 111 Percent Year Over Year

Verisign just released its Q1 2016 DDoS Trends Report, which provides a unique view into online distributed denial of service (DDoS) attack trends from mitigations enacted on behalf of customers of Verisign DDoS Protection Services and research conducted by Verisign iDefense Security Intelligence Services.

Every industry is at risk as DDoS attacks continue to increase in size, frequency and sophistication. The most notable observation last quarter is the increase in DDoS attack activity, which was at its highest since the inception of Verisign’s DDoS Trends Report in Q1 2014. Comparing year-over-year attack activity, Verisign mitigated 111 percent more attacks in Q1 2016 than in Q1 2015.

(more…)

Verisign Q4 2015 DDoS Trends: Attack Activity Increases 85 Percent Year Over Year

Verisign just released its Q4 2015 DDoS Trends Report, which provides a unique view into online distributed denial of service (DDoS) attack trends from mitigations enacted on behalf of customers of Verisign DDoS Protection Services and research conducted by Verisign iDefense Security Intelligence Services.

Every industry is at risk as DDoS attacks continue to increase in size, sophistication and frequency. The most notable observation last quarter is the increase in DDoS attack activity, which was at its highest since the inception of Verisign’s DDoS Trends Report in Q1 2014. Comparing year-over-year attack activity, Verisign mitigated 85 percent more attacks in Q4 2015 than in Q4 2014. Some customers were hit with persistent, repeated attacks over the quarter.

(more…)

Security Intelligence Best Practices for the Financial Industry

Securing a financial organization’s applications, networks and data is more challenging today than ever before. Almost daily, you hear of a breach that exposes customer data, damages or otherwise compromises back-end systems, or simply makes an organization’s online presence unavailable. Regardless of the cause of these breaches—be it a distributed denial of service (DDoS) attack, data theft, information disclosure or something else altogether—the victims almost always incur a significant loss to brand, customer confidence or even revenue itself. Bottom line is, if your business is responsible for keeping people’s money safe, your business can’t afford to fall victim to cyber-attacks.

But how can financial organizations stay ahead of increasingly diverse and effective cyber threats and actors?

(more…)

Verisign DDoS Trends Report: Verisign Mitigates More Attack Activity in Q3 2015 Than Any Other Quarter During Last Two Years

As part of our efforts to support National Cyber Security Awareness Month by sharing the latest cybersecurity research, Verisign just released our Q3 2015 DDoS Trends Report, which represents a unique view into attack trends unfolding online for the previous quarter, including attack statistics and behavioral trends, derived from distributed denial of service (DDoS) attack mitigations enacted on behalf of, and in cooperation with, customers of Verisign DDoS Protection Services and the security research of Verisign iDefense Security Intelligence Services.
The most notable observation is DDoS attack activity increased in Q3 to the highest it has been in any quarter over the last two years. Quarter over quarter, Verisign mitigated 53 percent more attacks in the third quarter this year than in the preceding quarter.

(more…)

Verisign Q2 2015 DDoS Trends: DDoS for Bitcoin Increasingly Targets Financial Industry

Verisign just released its Q2 2015 DDoS Trends Report, which provides a unique view into online distributed denial of service (DDoS) attack trends from mitigations enacted on behalf of, and in cooperation with, customers of Verisign DDoS Protection Services and research conducted by Verisign iDefense Security Intelligence Services.

(more…)

Is Your E-Commerce Site Ready for the Holidays?

Even though summer is just heating up, Internet retailers already have visions of dollar signs dancing in their heads as they prepare for the onslaught of holiday Web traffic that will soon ring in the 2015 holiday season. However, much of their focus is on marketing, and not the critical security measures they need to have in place to help keep their customers safe and satisfied as they shop online during the holidays. 

As we have seen from the numerous security breaches and cyberattacks reported during last year’s holiday season, understanding the threat landscape and putting appropriate mitigation plans in place is critical to a business’s revenue and reputation.  Just one hour of network downtime due to an outage or malicious attack can have far reaching consequences for a retailer, especially during the holidays. 

(more…)

Cyberthreat on the Internet

Understanding the Threat Landscape: Cyber-Attack Actors and Motivations

The threat landscape has rapidly expanded over the past few years, and shows no signs of contracting. With major establishments in both the public and private sectors falling victim to cyber-attacks, it is critical for organizations to identify the motivations, modus operandi (MO) and objectives of adversaries in order to adequately and effectively defend their networks.

Understanding the taxonomy of cyber-attacks is the first step in preparing an organization against exposure to them. Verisign iDefense Security Intelligence Services classifies cyber-attacks into three categories: hacktivism, cybercrime and cyber-espionage.

(more…)