DDoS protection services provider Prolexic Technologies released its Quarterly Global DDoS Attack report on Wednesday for Q1 2013, a quarter that it says was defined by the increase in the targeting of Internet Service Provider and carrier route infrastructures.
In Q1 2013, the average packet per second rate was 32.4 Mpps, and these high pps attacks caused significant issues for other mitigation providers and carriers.
“Average packet-per-second rate and average bit rate spiked in the first quarter and both are growing at a fast clip,” Stuart Scholly, president at Prolexic said in a statement. “When you have average – not peak – rates in excess of 45 Gbps and 30 million packets-per-second, even the largest enterprises, carriers, and quite frankly most mitigation providers, are going to face significant challenges.”
“It’s a classic change up,” said Scholly. “Nearly everyone has been focused on bandwidth and gigabits per second, but it’s the packet rate that’s causing the most damage and presenting the biggest challenge. These packet rates are above the thresholds of all but the most expensive routers and line cards and we are seeing networks buckle as a result.”
Prolexic says that during Q1 2013, infrastructure (Layer 3 and Layer 4) attacks accounted for 76.54 percent of total attacks with application layer attacks making up the remaining 23.46 percent. Prolexic protected its clients against SYN, GET, UDP and ICMP flood attack-types most commonly during the first quarter.
Compared to Q4 2012, the average attack bandwidth in the first quarter increased by 718 percent from 5.9 Gbps to 48.25 Gbps, and the average attack duration in Q1 2013 increased 7.14 percent from 32.2 hours to 34.5 hours.
Prolexic says that attack volume has been especially high over the last six months, reflecting a general trend of heightened global DDoS activity and risk of attack.
In Q1 2013, China remained at the top of the list of source countries responsible for the most DDoS attacks, while US, Germany and Iran were near the top.
While Prolexic releases its DDoS attack reports every quarter, it recently launched a tool for the online security community to use for an instant snapshot of current global DDoS threats and activity.
Talk back: What defined Q1 2013 in terms of DDoS mitigation? Are you surprised by any of Prolexic’s findings for Q1 2013? Let us know in a comment.