Wednesday, 24th April 2019
Logo

Average DDoS attack volumes have trebled in past year

Cybercrime on the rise: average attack volumes grew by 194%, and hyper-scale volumes by 150% year-on-year.

Cloud anti-DDoS vendor Link11has released its DDoS findings for Q4 2018, revealing that the volume and complexity of attacks continued to grow in Europe during the final quarter of 2018. While Link11’s Security Operations Center (LSOC) registered 13,910 attacks in Q4 (12.7% down compared to Q3), the average attack volume grew by 8.7% to 5Gbps, and 59% of attacks used multiple attack vectors.

Key findings of Link11’s Q4 DDoS report include:

·Average attack volumes grew by 194% in 12 months: in Q4 2018, average attack volumes were 5Gbps, nearly three times the 1.7Gbps average seen in Q4 2017. Attackers are using increasingly powerful botnets comprising misused cloud servers, hijacked IoT devices and embedded devices.

·Hyper-scale attacks hitting hard: in Q4, the LSOC registered 13 attacks with volumes over 80Gbps. The biggest attack seen reached 173.5 Gbps – well over double the volume of the biggest attack seen in Q4 2017, which hit 70.1 Gbps.

·More complex multi-vector attacks: the majority (59%) of attacks in Q4 2018 were multi-vector attacks, compared with 45% in Q4 2017. The most complex attacks seen in Q4 used up to nine different attack vectors. The three most commonly used reflection amplification vectors were CLDAP, DNS reflection and SSDP.

The LSOC also observed that attacks occurred most frequently on Saturdays and Sundays, with the level of attacks declining during the business week. Attackers targeted organizations most frequently between 4 pm and midnight Central European Time, with attack volumes at their lowest between 6 am and 10 am CET.

"The increase in the impact and complexity of attacks continues unabated," said Marc Wilczek, COO of Link11. "When faced with DDoS bandwidths well over 100 Gbps and multi-vector attacks, traditional IT security mechanisms are easily overwhelmed, and unprotected companies risk serious business disruption, loss of revenue and even fines. To stop these attacks disrupting business operations, organizations need proactive protection that tracks and responds to evolving attack scenarios and patterns automatically, using advanced machine-learning techniques.”

Bitglass has announced $70 million in Series D funding from new investor Quadrille Capital and exist...
Keysight has published the third annual Security Report from Ixia, its cybersecurity and visibility...
Sophos study of 10 cloud server honeypots placed worldwide reveals the need for visibility and secur...
NTT Security report shows finance knocks business and professional services off top spot in four mos...
UK CIOs have revealed the huge extent of dark (unused) and unstructured data lurking within and posi...
Agreement provides customers with access to leading ‘Endpoint Protection and Response’ cybersecurity...
Latest Tanium research highlights the IT security and operational trade-offs that UK CIOs and CISOs...
BakerHostetler’s privacy and data protection team has released its 2019 Data Security Incident Respo...