Home / Industry

Public Sector Experiences Largest Increase in DDoS Attacks (Verisign's Q4 2014 DDoS Trends)

Q4 2014 Distributed Denial of Service Trends Report – From Oct. 1, 2014 through Dec. 31, 2014, Verisign observed a rise in the average size of DDoS attacks against our customers, a significant increase in targeting of certain industries and some other notable trends that have set the stage for increased DDoS activity in 2015. (Click to Download)Verisign has released its Q4 2014 DDoS Trends Report providing a unique view into online distributed denial of service (DDoS) attack trends from mitigations on behalf of, and in cooperation with, customers of Verisign DDoS Protection Services, and the security research of iDefense Security Intelligence Services. Many notable observations were made, including a rise in the average size of DDoS attacks against our customers; the most common attack vector continued to be User Datagram Protocol (UDP) amplification attacks leveraging Network Time Protocol (NTP), while Simple Service Discovery Protocol (SSDP) also continued to be exploited. Verisign also mitigated more attacks in December than any other month in 2014.

The most notable observation, however, is that public-sector customers experienced the largest increase in attacks, constituting 15 percent of total mitigations in Q4. Verisign believes the steep increase in the number of DDoS attacks levied at the public sector may be attributed to attackers' increased use of DDoS attacks as tactics for politically motivated activism, or hacktivism, against various international governing organizations, as well as in reaction to various well-publicized events throughout the quarter, including protests in Hong Kong and Ferguson, Missouri. As outlined in iDefense's 2015 Cyber Threats and Trends blog post, the convergence of online and physical protest movements contributed to the increased use of DDoS as a tactic against organizations, including the public sector, throughout 2014.

Following are highlights of various trends observed in the Q4 2014 DDoS Trends Report:

  • Average DDoS attack size saw a 14 percent increase over Q3 2014 and a 245 percent increase year over year.
  • Verisign observed sustained volumetric DDoS activity in Q4 2014, with DDoS attacks reaching 60 gigabits per second (Gbps)/16 Millions of packets per second (Mpps) for UDP floods and 55 Gbps/60 Mpps for Transfer Control Protocol (TCP)-based attacks.
  • IT/Services/Cloud/SaaS was the most frequently targeted industry in Q4, and experienced the largest volume of attacks, representing 33 percent of all mitigation activity.
  • Attacks against the Financial Services Industry doubled, accounting for 15 percent of all mitigations.
  • Verisign mitigated more DDoS attacks in December than in any other month of 2014. As described in the Q3 2014 Verisign DDoS Trends Report, the 2014 holiday season was in full swing in Q4, and Verisign has historically seen an increase in DDoS activity against customer organizations during this period each year.
  • 42 percent of attacks peaked at more than 1 Gbps, with 17 percent leveraging more than 10 Gbps of DDoS traffic.

Finally, the increasing availability of DDoS-for-hire services — also known as "booters" — presents a huge risk for security professionals, as they enable virtually anyone to hire skilled cyber criminals to launch a targeted DDoS attack for as little as $2 USD per hour. This quarter's feature article, "DDoS-for-Hire Services Mean Greater Threat to Business," outlines how this malicious marketplace works, and presents some sobering details on just how affordable hiring a DDoS attack has become.

For more DDoS trends in Q4, access the full Q4 2014 report here. To read more about what we saw in Q3, including the increase in frequency in DDoS attacks of 10 Gbps in size, which accounted for 20 percent all mitigations in Q3, you can access that report here.

Be sure to check back in a few months when we release our Q1 2015 DDoS Trends Report.

Q4 2014 – DDoS Trends Infographic:


About Verisign – Verisign, a global leader in domain names and internet security, enables internet navigation for many of the world's most recognized domain names and provides protection for websites and enterprises around the world. Verisign ensures the security, stability and resiliency of key internet infrastructure and services, including the .com and .net domains and two of the internet's root servers, as well as performs the root-zone maintainer functions for the core of the internet's Domain Name System (DNS). Learn More

Related topics: Cyberattack, Cybersecurity, DDoS


Don't miss a thing – get the Weekly Wrap delivered to your inbox.

Related Blogs

Related News

Explore Topics

Dig Deeper

Mobile Internet

Sponsored by Afilias Mobile & Web Services


Sponsored by Verisign

DNS Security

Sponsored by Afilias

IP Addressing

Sponsored by Avenue4 LLC

Promoted Posts

Buying or Selling IPv4 Addresses?

ACCELR/8 is a transformative IPv4 market solution developed by industry veterans Marc Lindsey and Janine Goodman that enables organizations buying or selling blocks as small as /20s to keep pace with the evolving demands of the market by applying processes that have delivered value for many of the largest market participants. more»

Industry Updates – Sponsored Posts

Verisign Named to the Online Trust Alliance's 2017 Audit and Honor Roll

Attacks Decrease by 23 Precent in 1st Quarter While Peak Attack Sizes Increase: DDoS Trends Report

Leading Internet Associations Strengthen Cooperation

Verisign Releases Q4 2016 DDoS Trends Report: 167% Increase in Average Peak Attack from 2015 to 2016

Verisign Q3 2016 DDoS Trends Report: User Datagram Protocol (UDP) Flood Attacks Continue to Dominate

2016 U.S. Election: An Internet Forecast

Government Guidance for Email Authentication Has Arrived in USA and UK

ValiMail Raises $12M for Its Email Authentication Service

Don't Gamble With Your DNS

Defending Against Layer 7 DDoS Attacks

Understanding the Risks of the Dark Web

New TLD? Make Sure It's Secure

Verisign Releases Q2 2016 DDoS Trends Report - Layer 7 DDoS Attacks a Growing Trend

How Savvy DDoS Attackers Are Using DNSSEC Against Us

Facilitating a Trusted Web Space for Financial Service Professionals

MarkMonitor Partners with CYREN to Deepen Visibility into Global Phishing Attacks

Verisign Named to the Online Trust Alliance's 2016 Honor Roll

Verisign Q1 2016 DDoS Trends: Attack Activity Increases 111 Percent Year Over Year

Is Your TLD Threat Mitigation Strategy up to Scratch?

i2Coalition to Host First Ever Smarter Internet Forum