Big increase in DDoS attacks

Akamai has released its Q4 2015 State of the Internet Security Report, which shows a massive increase in the number of DDoS attacks.

The report shows that stresser or booter-based botnets were the source of the vast majority of DDoS attacks observed by Akamai.

These tools rely heavily on reflection techniques to fuel their traffic.

For the first time, Turkey appeared as a top attack source – based on all indicators that Akamai uses to measure DDoS attacks.

Repeat DDoS attacks were the norm, with an average of 24 attacks per target in the last quarter.

Another trend is multi-vectored attacks – 56% of all DDoS attacks mitigated in Q4 2015 were multi-vectored.

China was the top country sourcing DDoS attacks, while the US was the top country sourcing web application attacks.

The gaming sector was most frequently hit by DDoS attacks, while the retail sector was most frequently targeted in web application attacks.

The list below provides an overview of the DDoS attack statistics in the Akamai report (compared to Q4 2014).

• 148.85% increase in total DDoS attacks
• 168.82% increase in infrastructure layer (layers 3 & 4) attacks
• 49.03% decrease in the average attack duration: 14.95 vs 29.33 hours
• 44.44% decrease in attacks of over 100Gbps: 5 vs 9

DDoS Attack Vectors

Infrastructure attacks continue to dominate, increasing 2% from last quarter and accounting for 97% of all DDoS attack activity.

The large increases at the infrastructure layer further diminished the percentage of application layer attacks, which have decreased slightly over time.

More on DDoS attacks

Google’s Project Shield: protecting news sites against DDoS attacks

Massive increase in DDoS attacks

Akamai XOR DDoS warning