Prolexic Study Shows 25 Percent Increase in DDoS, App Layer Attacks

Add Your Comments

DDoS protection services provider Prolexic Technologies  announced on Wednesday that it has released its Quarterly Global DDoS Attack Report, which shows that financial services firms experienced nearly three times the number of DDoS attacks during Q1 compared to Q4 2011.

The report comes a couple months after Prolexic closed an $8 million Series B investment led by private equity firm Camden Partners.

Financial services clients also saw a 3,000 percent increase in malicious packet traffic.

“This quarter was characterized by extremely high volumes of malicious traffic directed at our financial services clients,” said Neal Quinn, Prolexic’s vice president of Operations. “We expect other verticals beyond financial services, gaming and gambling to be on the receiving end of these massive attack volumes as the year progresses.”

Prolexic also mitigated more attack traffic this quarter than it did in all of 2011. During Q4 2011, over 168 trillion bits of data and 14 billion packets of malicious traffic were identifie, compared to this quarter’s 5.7 quadrillion bits of data and 1.1 trillion malicious packets.

In comparison to Q1 2011, there was a 25 percent increase in total number of DDoS attacks, 25 percent increase in application layer attacks, shorter attack duration: 28.5 hours compared to 65 hours, and a decline in UDP Floods and increase in GET Floods.

In comparison to Q4 2011, the total number of attacks went virtually unchanged, there was 6 percent rise in Layer 7 attacks, the average attack duration declined to 28.5 hours from 34 hours, and China remains the top source country for attacks while the US and Russia both moves up in the rankings.

In Q1 2012, average attack durations dropped from 34 hours in Q4 to 28.5 hours this quarter. Of note, average attack bandwidth increased to 6.1 Gbps, up from 5.2 Gbps in the previous quarter.

Combining the two metrics confirms previous trend predictions of shorter attack durations, but with higher traffic volumes. This conclusion can be drawn when comparing data from Q1 2012 and Q4 2011 as well as Q1 2012 and Q1 2011.

Infrastructure layer attacks targeting Layer 3 and Layer 4 continue to be the choice of attackers, however, this quarter showed a 6 percent increase in DDoS attacks targeting the application layer (Layer 7).

PLXsert is of the opinion that there will be a gradual shift to Layer 7 attacks over the long term, while the last 12 months has seen UDP Floods decline in popularity with SYN Floods emerging as the “go to” attack type.

Data for the Q1 2012 report has been gathered and analyzed by the Prolexic Security Engineering & Response Team, which monitors malicious cyber threats globally and analyzes DDoS attacks using proprietary techniques and equipment.

Through data forensics and post attack analysis, PLXsert is able to form a global view of DDoS attacks, which it shares with Prolexic customers.

By identifying the sources and associated attributes of individual attacks, the PLXsert team helps organizations adopt best practices and make more effective decisions about DDoS threats.

A complimentary copy of the Prolexic Quarterly Attack Report for Q1 2012 report is available as a free PDF download off the Proelxic website.

Prolexic’s Q2 2012 report will be released in the third quarter of 2012. Web hosting provider Yola recently announced it is using Prolexic’s DDoS mitigation service.

Talk Back: Have your own customers been hit with DDoS attacks in the past quarter? Have you seen an increase in these attacks compared to last year? Let us know in the comments.

Add Your Comments

  • (will not be published)