Home / Blogs

Verisign Mitigates 300 Gbps DDoS Attack and Other Q2 2014 DDoS Trends

Danny McPherson

Click to Enlarge / Download PDFIt has been another busy quarter for the team that works on our DDoS Protection Services here at Verisign. As detailed in the recent release of our Q2 2014 DDoS Trends Report, from April to June of this year, we not only saw a jump in frequency and size of attacks against our customers, we witnessed the largest DDoS attack we've ever observed and mitigated — an attack over 300 Gbps against one of our Media and Entertainment customers.

This attack is significant for a number of reasons and I encourage you to read a detailed recounting of the attack timeline as well as the various trends we track in the report.

Here are a few highlights:

  • Verisign saw a 216 percent increase in average peak attack size over Q1 2014 and a 291 percent increase in average peak attack size year over year.
  • Overall, Verisign saw an 87 percent increase in peak DDoS attack size year over year.
  • Attacks in the 5-10 Gbps range increased 33 percent and attacks greater than 10 Gbps increased 16 percent.
  • 65 percent of attacks were greater than 1 Gbps.
  • Media and Entertainment was the most targeted industry, followed closely by IT Services/Cloud/SaaS, both making up 84 percent of all attacks mitigated in Q2.

If you'd like to read about what we saw in Q1, you can access that report here.

By Danny McPherson, Executive Vice President and Chief Security Officer at Verisign
Follow CircleID on
SHARE THIS POST

If you are pressed for time ...

... this is for you. More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Vinton Cerf, Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Share your comments

dns resolution Carl Byington  –  Aug 14, 2014 7:09 AM PST

http://www.verisigninc.com/assets/VRSN_DDoS_TR_Q1_201405-web.pdf

Trying to resolve that URL, we need:

dig www.verisigninc.com ns @a1.verisigndns.com. +edns +norecur
...
www.verisigninc.com.  600 IN NS gslb.shared-fo.brn1.verisign.com.

dig www.verisigninc.com a @gslb.shared-fo.brn1.verisign.com. +edns +norecur
...
www.verisigninc.com.  30 IN A 69.58.187.40

dig www.verisigninc.com ns @gslb.shared-fo.brn1.verisign.com. +edns +norecur
...
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48652

dig www.verisigninc.com a @gslb.shared-fo.brn1.verisign.com. +edns +norecur +nsid
...
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 338

The load balancer at gslb.shared-fo.brn1.verisign.com does not know about NS records, and it chokes on edns options. See rfc5001 from 2007. One might think that verisign could handle an option that was standardized 7 years ago.

To post comments, please login or create an account.

Related

Topics

Whois

Sponsored byWhoisXML API

Cybercrime

Sponsored byThreat Intelligence Platform

Domain Names

Sponsored byVerisign

New TLDs

Sponsored byAfilias

Cybersecurity

Sponsored byVerisign

Brand Protection

Sponsored byAppDetex

IP Addressing

Sponsored byAvenue4 LLC

DNS Security

Sponsored byAfilias