Large-scale DDoS attacks increased 19% in Q4 and also become more varied, according to a report by Prolexic Technologies.
A distributed denial-of-service attack (DDoS attack) is an attempt to make a machine or network resource unavailable to its intended users, most commonly by saturating the target machine with external communications requests.
According to the report, there was a 15% spike in the number of infrastructure attacks and a 30% increase in the number of application attacks.
Compared to the last quarter there was a 6% decline in average attack duration, down to 32.2 hours from 34 hours, while there was a 13% rise in average attack bandwidth from 5.2 Gbps to 5.9 Gbps.
Prolexic CEO Scott Hammack said the fourth quarter was defined by the increasing scale and diversity of DDoS attacks. "While bandwidth attacks of 20 Gbps were the story last quarter, 50 Gbps is more relevant now," Hammack said.
During the quarter most attacks were targeted at traditional Layer 3 and Layer 4 infrastructure, accounting for 75% of total attacks while application layer attacks comprised the remaining 25%.
"A case could be made that the size of attacks that are being reported in the financial services industry really just reflects the normal growth in DDoS," Hammack said.
"We are seeing similarly sized attacks in other verticals, but they don't make headlines because companies in these industries are not required to report it in the same way."
Though the number of attacks during the quarter was consistent, November was the most active month, the report revealed.
China was the top source of DDoS attack during quarter while France and Germany rejoined the list of top 10 countries of attack source while US' ranking dropped.
Prolexic says it helps protect its clients from DDoS attacks, and counts ten of the world's largest banks and leading companies in e-Commerce, SaaS, payment processing, travel/hospitality, gaming and other at-risk industries among its customers.
Absolute® Software specialises in technology and services for the management and security of mobile computers and smartphones.
Established in 1957, BCS, The Chartered Institute for IT, promotes wider social and economic progress through the advancement of information...
M86 Security is a global provider of web and e-mail security products. We are the only security company able to provide integrated, reliable and...
Qualys is the leading provider of on demand IT security risk and compliance solutions - delivered as a service. Qualys solutions enable...