DDoS protection service provider Prolexic Technologies announced on Thursday it has published its Quarterly Global DDoS Attack Report, which found that the scale and diversity of attacks increased against its global client base in Q4 2012.
The report comes a couple of months after Prolexic Technologies published its Quarterly Global DDoS Attack Report for Q3 2012, which saw an 11 percent increase in average attack bandwidth over Q2 2012.
Though Q4 media reports largely focused on large DDoS attacks against companies in the U.S. financial services sector, Prolexic’s quarterly report shows that the security provider mitigated 50+ Gbps DDoS attacks against clients in the e-commerce and software as a service sectors
Digital forensics by the Prolexic Security Engineering & Response Team also found that malware besides the consistently popular Brodos was used in Q4 to initiate equally large bandwidth attacks.
“The fourth quarter was defined by the increasing scale and diversity of DDoS attacks,” said Prolexic CEO Scott Hammack. “While bandwidth attacks of 20 Gbps were the story last quarter, 50 Gbps is more relevant now.”
Prolexic’s Q4 2012 Global DDoS Attack Report found that there was a 27.5 percent increase in total number of attacks in Q4 2012 compared to Q3 2012.
Additionally, there was a 17 percent increase in total number of infrastructure attacks, with a 72 percent rise in total number of application attacks.
China is still considered the top source country for DDoS attacks by a wide margin.Compared to Q3 2012, the United States had a significantly lower ranking than in the past, while France and Germany found their way back on the top 10 list.
The report also highlighted comparisons from Q4 2012 to Q4 2011, including a 19 percent increase in total number of DDoS attacks.
Additionally, there was a 15 percent increase in the total number of infrastructure attacks and a 30 percent increase in the total number of application attacks.
During Q4 2012, Prolexic mitigated seven attacks over 50 Gbps that targeted clients in the financial services, e-commerce and SaaS industries.
Aside from increasing DDoS attack sizes, the report also highlight another trend of the volume of attacks seeing an increase in Q4 2012. As a result, Prolexic logged a record number of attacks for one quarter.
Similar to the previous quarter, traditional Layer 3 and Layer 4 infrastructure attacks were the most popular attack type, making up for 75 percent of total attacks during the quarter, with application layer attacks making up the remaining 25 percent.
“The take away for businesses from this Q4 report is to make sure that their DDoS mitigation provider can handle attacks in excess of 50 Gbps in a single location,” said Hammack. “When attacks are this large, it’s important that the provider can mitigate this volume of attack traffic in one place and distribute it effectively so it does not compromise intermediary transit providers and affect others.”
PLXsert gathered and analyzed the data for the Q4 2012 report. The research group monitors cyber threats globally and analyzes DDoS attacks using proprietary techniques and equipment.
A free copy of the Prolexic Quarterly Attack Report for Q4 2012 can be downloaded in PDF format from Prolexic’s website.
Prolexic will release its Q1 2013 report in the second quarter of 2013.
Talk back: Are you planning on downloading the Prolexic Technologies quarterly DDoS attack report? Do you find this kind of information helpful in determining how to mitigate attacks on clients’ sites? Have you seen an increase in the size of DDoS attacks? Let us know in a comment.