Latest news
Traditional Layer 3 and Layer 4 infrastructure attacks were the favored attack type, accounting for 75 percent of total attacks during the quarter, with application layer attacks making up the remaining 25 percent. This split has remained consistent throughout 2012.
This quarter, SYN (24 percent), GET (20 percent), ICMP (18 percent) and UDP (15 percent) floods were the attack types most often encountered during mitigation.
Average attack duration increased 67 percent from 19.2 hours in Q3 2012 to 32.2 hours this quarter. November was the most active month for attacks, however, the total number of attacks for all three months of the quarter were consistent, showing a less than 10 percent difference from month to month. The week of Nov. 26 was the most active of the quarter, although only by a narrow margin.
As is commonplace, the top 10 list of source countries responsible for launching the most DDoS attacks was fluid. However, this quarter China secured the top place in attack source country rankings by a wide margin.
Compared to last quarter, the United States dropped down in the rankings, while two European countries, France and Germany, rejoined the top 10 list.
“The take away for businesses from this Q4 report is to make sure that their DDoS mitigation provider can handle attacks in excess of 50 Gbpsin a single location,” said Scott Hammack, Prolexic CEO. “When attacks are this large, it’s important that the provider can mitigate this volume of attack traffic in one place and distribute it effectively so it does not compromise intermediary transit providers and affect others.”
Highlights from Prolexic’s Q4 2012 Global DDoS Attack Report:
Compared to Q3 2012
- 27.5 percent increase in total number of attacks
- 17 percent increase in total number of infrastructure attacks; 72 percent rise in total number of application attacks
- 67 percent increase in average attack duration to 32.2 hours from 19.2 hours
- 20 percent increase in average attack bandwidth from 4.9 to 5.9 Gbps
- China retains its position as the top source country for DDoS attacks.
- 19 percent increase in total number of DDoS attacks
- 15 percent rise in total number of infrastructure attacks; 30 percent rise in total number of application attacks
- 6 percent decline in average attack duration to 32.2 hours from 34
- 13 percent increase in average attack bandwidth from 5.2 Gbps to 5.9 Gbps.
Spotlight
Information security executives need to be strategic thinkers
Posted on 17 June 2013. | George Baker, the Director of Information Security at Exostar, talks about the challenges in working in a dynamic threat landscape, offers tips for aspiring infosec leaders, and more.
Large orgs in denial about own security breaches?
Posted on 14 June 2013. | Over two thirds (66%) of large organizations said they either had not experienced a security incident in the last 12-18 months or were unsure if they had.
Vulnerability scanning with PureCloud
Posted on 12 June 2013. | nCircle PureCloud is a cloud-based network security scanning product built upon the companies' vulnerability and risk management system IP360.
To hack back or not to hack back?
Posted on 12 June 2013. | If you think of cyberspace as a new resource for you and your organization, it makes sense to protect your part of it as best you can. But is it a good idea?
Reactions from the security community to the NSA spying scandal
Posted on 11 June 2013. | Read on for comments on this scandal that Help Net Security received from a variety of security professionals and analysts.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.
 |
