Throughout the year, metrics were collected from all DDoS attacks launched against the company’s client base by the Prolexic Security Engineering & Response Team (PLXsert). Through digital forensics and post-attack analysis, PLXsert is able to build a global view of the evolving DDoS threat.
“It was a dynamic 12 months for DDoS attacks,” said Stuart Scholly, president of Prolexic. “The tools used by malicious actors in 2013 and the tactics they adopted changed considerably, reflecting the on-going evolution of the DDoS threat.”
Top 10 DDoS attack trends for 2013:
- DDoS attack volume continued to rise with Prolexic mitigating 32.43 percent more attacks in 2013 than it did in 2012
- DDoS attack volume also increased month-to-month in 2013, with 10 out of 12 months showing higher attack volume compared to 2012
- Smaller, stealthy and more sophisticated application layer (Layer 7) attacks increased approximately 42 percent
- High bandwidth, volumetric infrastructure layer (Layer 3 & 4) attacks increased approximately 30 percent
- DNS, UDP, and UDP fragmentation floods, as well as CHARGEN, were the attack vectors that showed the most adoption in 2013
- SYN and ICMP floods were the attack vectors that showed the most decline in use
- Average DDoS attack sizes continued to increase with Prolexic mitigating numerous attacks over 100 Gbps, the largest peaking at 179 Gbps
- Reflected amplification attacks emerged as a very popular attack method
- Mobile devices and apps began participating in DDoS campaigns
- DDoS attacks were more likely to originate from Asian countries.