Home / Industry

Neustar Data Identifies Most Popular Times of Year for DDoS Attacks in 2015

Neustar today released preliminary data indicating April, February, October and December as the most popular months for DDoS attacks. The report, compiled from 2015 data from Neustar's Security Operations Center (SOC), also details the rising threat of multi-vector attacks, a weapon commonly used to plant malware and extract company information.

The Timing of the Attacks

The winter holiday season accounted for 32 percent of all attacks in 2015. Attackers took note of the opportunities presented during Cyber Monday and the holiday shopping season, and timed their assaults for maximum impact.

  • October saw the highest number of attacks with 12.63 percent
  • December accounted for 11.39 percent of attacks
  • February received 10.48 percent of hits
  • April had 9.04 percent of attacks

"It's no surprise that hackers are launching their attacks around high-transaction months," said Peter Burke, Senior Vice President of Engineering and Operations at Neustar.

"In February and April, you're looking at times when most people file their taxes, so it makes sense that attacks would be heightened during that time period. In the fourth quarter, you have Cyber Monday and a high volume of companies that are dependent upon ecommerce, so it's like low-hanging fruit for attackers," Burke concluded.

Multi-Vector Mayhem

One of the most alarming trends noted in the findings is the rise of multi-vector attacks. Rather than just use one style of method to breach a company's infrastructure, attackers are increasingly turning to multi-vector attacks to exhaust defenses.

"Multi-vector attacks show a higher level of sophistication on behalf of the hacker," said Burke. "Anybody can go to a stressor website and buy a cheap DDoS service, but with multi-vector attacks, the hacker is exhibiting a familiarity with attack methods and determination to potentially cause real damage," Burke said.

Statistics from Neustar's Security Operations Center uncovered:

  • 47 percent of all multi-vector attacks occurred in the fourth quarter
  • 42.6 percent of multi-vector attacks were less than 1 Gbps
  • 57 percent of all multi-vector attacks involved reflection attacks

"Rather than just hit with a massive DDoS strike, multi-vector attacks are more alarming because they require dexterity, familiarity with attack methods, and they can also be used as a smokescreen to insert malware and sneak out sensitive company information," Burke added.

In late March, Neustar will release its full Security Operations Center report, which will detail attack sizes, strategies and stories from the SOC. The report is comprised of attacks that Neustar has defended on behalf of its clients in 2015. No client names or identifying information will be provided in the report.


About Neustar – Neustar is an information services and technology company and a leader in identity resolution providing the data and technology that enables trusted connections between companies and people at the moments that matter most. Neustar offers industry-leading solutions in Marketing, Risk, Communications, Security and Registry that responsibly connect data on people, devices and locations, continuously corroborated through billions of transactions. Neustar serves more than 8,000 clients worldwide, including 60 of the Fortune 100. Visit Page

Follow CircleID on

If you are pressed for time ...

... this is for you. More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Vinton Cerf, Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Share your comments

To post comments, please login or create an account.



DNS Security

Sponsored byAfilias


Sponsored byThreat Intelligence Platform

Domain Names

Sponsored byVerisign

New TLDs

Sponsored byAfilias


Sponsored byVerisign

IP Addressing

Sponsored byAvenue4 LLC


Sponsored byWhoisXML API

Brand Protection

Sponsored byAppDetex