Home / Industry

Q3 2014 DDoS Trends: Attacks Exceeding 10 Gbps on the Rise

Distributed Denial of Service Trends Report
A unique view into the attack trends unfolding online for the previous quarter, including attack statistics, behavioral trends and future outlook.
(Click to Obtain Report)
Verisign just released its Q3 2014 DDoS Trends Report, which details observations and insights derived from distributed denial of service attack mitigations enacted on behalf of, and in cooperation with, customers of Verisign DDoS Protection Services from July through September of this year. Many notable observations were made, including a rise in the average number of attacks per customer, exploitation of the recently publicized SSDP vulnerability and some notable malicious code trends that will likely contribute to increased DDoS attack activity in the future.

Most notable, however, is the increase in frequency of DDoS attacks exceeding 10 Gbps in size, accounting for more than 20 percent of all mitigations, with the largest observed attack (90 Gbps) experienced by an E-commerce customer. This attack was a pulsing User Datagram Protocol (UDP) flood employed in short bursts of 30 minutes or fewer. It consisted primarily of Network Time Protocol (NTP) reflective amplification attack traffic. This activity was aimed at disrupting the critical online commerce capability of the customer and was successfully mitigated by Verisign.

With the 2014 holiday season in full swing, the E-commerce and Financial industries must be particularly vigilant and prepared for DDoS attacks during their peak revenue and customer interaction season. Historically, Verisign has seen an increase in DDoS activity against these verticals during the holidays and anticipates that this trend will continue. This highlights the need for more advanced DDoS protection capabilities other than the standard defenses of over-provisioning of bandwidth and on-premise mitigation devices, which are rendered ineffective the moment a DDoS attack exceeds an organization's upstream bandwidth, or their Internet service provider's capacity.

Following are highlights of various trends observed in the Q3 2014 DDoS Trends Report:

  • Attacks exceeding 10 Gbps in size increased in frequency to account for more than 20 percent of all mitigations.
  • Attackers were persistent in launching attacks against targeted customers, averaging more than three separate attempts per target.
  • For the first time, Verisign has directly observed attackers using a new protocol for UDP reflection attacks: Simple Service Discovery Protocol (SSDP / UDP port 1900).
  • The most frequently targeted industry this quarter was Media and Entertainment, representing more than 50 percent of all mitigation activity.
  • The largest attacks targeted the E-Commerce industry, with the largest peaking at more than 90 Gbps.

Access the full report here and be sure to check back in a few months to read our Q4 DDoS Trends Report.

Read more about what Verisign saw in Q2, including details about the largest attack (300 Gbps) we've mitigated this year — and the third largest reported attack that the Internet had ever experienced at the time.

Verisign

About Verisign – Verisign, a global leader in domain names and internet security, enables internet navigation for many of the world's most recognized domain names and provides protection for websites and enterprises around the world. Verisign ensures the security, stability and resiliency of key internet infrastructure and services, including the .com and .net domains and two of the internet's root servers, as well as performs the root-zone maintainer functions for the core of the internet's Domain Name System (DNS). Learn More

Related topics: Cyberattack, Cybercrime, Cybersecurity, DDoS

 
   

Don't miss a thing – get the Weekly Wrap delivered to your inbox.

Related Blogs

Related News

Explore Topics

Dig Deeper

Cybersecurity

Sponsored by Verisign

Mobile Internet

Sponsored by Afilias Mobile & Web Services

DNS Security

Sponsored by Afilias

IP Addressing

Sponsored by Avenue4 LLC

Promoted Posts

Buying or Selling IPv4 Addresses?

ACCELR/8 is a transformative IPv4 market solution developed by industry veterans Marc Lindsey and Janine Goodman that enables organizations buying or selling blocks as small as /20s to keep pace with the evolving demands of the market by applying processes that have delivered value for many of the largest market participants. more»

Industry Updates – Sponsored Posts

Verisign Named to the Online Trust Alliance's 2017 Audit and Honor Roll

Attacks Decrease by 23 Precent in 1st Quarter While Peak Attack Sizes Increase: DDoS Trends Report

Leading Internet Associations Strengthen Cooperation

Verisign Releases Q4 2016 DDoS Trends Report: 167% Increase in Average Peak Attack from 2015 to 2016

Verisign Q3 2016 DDoS Trends Report: User Datagram Protocol (UDP) Flood Attacks Continue to Dominate

2016 U.S. Election: An Internet Forecast

Government Guidance for Email Authentication Has Arrived in USA and UK

ValiMail Raises $12M for Its Email Authentication Service

Don't Gamble With Your DNS

Defending Against Layer 7 DDoS Attacks

Understanding the Risks of the Dark Web

New TLD? Make Sure It's Secure

Verisign Releases Q2 2016 DDoS Trends Report - Layer 7 DDoS Attacks a Growing Trend

How Savvy DDoS Attackers Are Using DNSSEC Against Us

Facilitating a Trusted Web Space for Financial Service Professionals

MarkMonitor Partners with CYREN to Deepen Visibility into Global Phishing Attacks

Verisign Named to the Online Trust Alliance's 2016 Honor Roll

Verisign Q1 2016 DDoS Trends: Attack Activity Increases 111 Percent Year Over Year

Is Your TLD Threat Mitigation Strategy up to Scratch?

i2Coalition to Host First Ever Smarter Internet Forum