DDOS acks increasing

DDOS attacks turn up the volume

Is it getting a little hot out there? The latest denial of service attack report from Prolexic is out,  and the data isn't encouraging, especially since government agencies are a prime target for this type of attack.

According to the report, the average attack bandwidth totaled 48.25 gigabits/sec in the first quarter of 2013, a 718 percent increase over last year. More significantly, the average packet-per-second rate for distributed DOS attacks reached 32.4 million.

“It’s a classic change up,” said Stuart Scholly, president at Prolexic “Nearly everyone has been focused on bandwidth and gigabits per second, but it’s the packet rate that’s causing the most damage and presenting the biggest challenge. These packet rates are above the thresholds of all but the most expensive routers and line cards, and we are seeing networks buckle as a result.”

The only good news, if you can call it that, is that the overall number of attacks has only increased 1.75 percent from the previous quarter, though it’s a jump of 21.75 percent compared with the same time last year.

Other notable trends include the rise of the average sustained attack duration, from 32.2 hours the previous quarter to 34.5 hours for the starting months of 2013, an increase of 7.14 percent. March was the most active month for attacks, accounting for 44 percent of the quarter’s attacks. The week of March 19 was the most active of the quarter.

It's also interesting to note where the attacks are originating. China was the most common source, with 40.68 68%, with the United States (21.88 percent) second and Germany (10.59 percent) third. For the first time, Iran joined the club, squeaking into the infamous list as a country where attacks are launched from.

One of the reasons that attacks in general may be on the rise is the large number of do-it-yourself DDOS tools available now, such as the High Orbit Ion Cannon, which can automatically launch attacks on websites even if users have little or no skill. Of course, a single ion cannon won't bring down most sites, but a coordinated effort with them could do some damage.

The increase in attacks and amount of bandwidth attacks occupy has led to more blackholing, the ultimate defense against DDOS, though this takes the targeted website offline to protect others — so in effect, the hackers are getting what they want.

The complete report is free to download (registration required),  and it's pretty interesting, if scary, reading. Things will probably get worse before, and if, they get better.

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above