Buying or Selling IPv4 Addresses?

Watch this video to discover how ACCELR/8, a transformative trading platform developed by industry veterans Marc Lindsey and Janine Goodman, enables organizations to buy or sell IPv4 blocks as small as /20s.

Avenue4 LLCRead Message Promoted Post

Home / Industry

Verisign Q3 2016 DDoS Trends Report: User Datagram Protocol (UDP) Flood Attacks Continue to Dominate

Q3 2016 DDoS Trends Report from Verisign has just been released providing a unique view into online distributed denial of service (DDoS) attack trends from mitigations enacted on behalf of Verisign DDoS Protection Services and research conducted by Verisign iDefense Security Intelligence Services.

User Datagram Protocol (UDP) flood attacks continue to dominate in Q3 2016, making up 49 percent of the total attacks in the quarter. The most common UDP floods mitigated were Domain Name System (DNS) reflection attacks, followed by Network Time Protocol (NTP) reflection attacks.

The highest intensity flood attack in Q3 2016 was a TCP SYN flood that peaked at approximately 60 Gigabits per second (Gbps) and 150 Million packets per second (Mpps). This flood attack is one of the highest packets per second attacks ever observed by Verisign, surpassing the previous flood of 125 Mpps mitigated by Verisign in Q4 2015.

The largest attack in Q3 2016 utilized the Generic Routing Encapsulation (GRE) protocol (IP protocol 47) and peaked at 250+ Gbps and 50+ Mpps. This is the first time Verisign observed this type of attack against our customer base.

Other key trends and observations include:

Average peak attack sizes in 2016 continued to trend larger than in previously recorded years. The average peak attack size in Q3 2016 was 12.78 Gbps, an 82 percent increase year over year.

Fifty-nine percent of the DDoS attacks utilized two or more different attack types.

IT Services/Cloud/SaaS, representing 37 percent of mitigation activity, remains the most frequently targeted industry for the eighth consecutive quarter, closely followed by the Financial industry, representing 29 percent of all mitigations.

Verisign

About Verisign – Verisign, a global leader in domain names and internet security, enables internet navigation for many of the world's most recognized domain names and provides protection for websites and enterprises around the world. Verisign ensures the security, stability and resiliency of key internet infrastructure and services, including the .com and .net domains and two of the internet's root servers, as well as performs the root-zone maintainer functions for the core of the internet's Domain Name System (DNS). Visit Page

SHARE THIS POST

If you are pressed for time ...

... this is for you. More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Vinton Cerf, Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Related

Topics

Cybersecurity

Sponsored byVerisign

DNS Security

Sponsored byAfilias

IP Addressing

Sponsored byAvenue4 LLC

Mobile Internet

Sponsored byAfilias

Promoted Post

Buying or Selling IPv4 Addresses?

Watch this video to discover how ACCELR/8, a transformative trading platform developed by industry veterans Marc Lindsey and Janine Goodman, enables organizations to buy or sell IPv4 blocks as small as /20s.