DDoS attacks were less common last quarter, but more difficult to mitigate, according to a report released Tuesday by Verisign. According to the Q1 DDoS Trends Report, the average peak attack size increased 26 percent from Q4 2016 to 14.1 Gbps in Q1 2017, and 57 percent of attacks employed multiple attack types.
Only 7 percent of attacks observed by Verisign were Layer 7 attacks, but many of those were mixed with Layer 3/Layer 4 DDoS flooding attacks, according to the report. The most common attack type mitigated was UDP floods (46 percent), while TCP-based attacks increased to 33 percent.
“As DDoS attacks increase in complexity and size, combating them becomes more challenging,” the report authors write. “In response, organizations not only need the right technology capable of meeting this growing threat, but also the right human element. Technical staff with DDoS expertise working in tandem with technology is highly beneficial in keeping networks and infrastructures available during an attack.”
Companies in IT, cloud and SaaS were targeted by 58 percent of attacks, the most of any industry for the tenth consecutive quarter. The number of attacks targeting the financial sector leaped by 7 percent to 28 percent of attacks during the quarter.
Verisign’s observation of a reduced number of DDoS attacks in the quarter echoes findings released by Akamai last week, which noted a high number of web application attacks and evolving botnets.