Most attacked ports, DDoS details revealed

Akamai Technologies released its Q3 2013 State of the Internet Report, which showed that Port 445 (Microsoft-DS) returned to its spot as the most targeted port by cyber attackers.

Ports are part of a computer’s operating system (software based), and different ports are used for different applications and processes to communicate over a network.

According to the report Port 445 (Microsoft-DS) drew 23 percent of observed attacks observed globally.

Port 445 was the most targeted port in eight of the top 10 countries/regions – the only exceptions being China and Indonesia.

The volume of attacks targeting Ports 80 (WWW/HTTP) and 443 (SSL/HTTPS) declined in the third quarter, dropping to 14% and 13% respectively.

Attack traffic top ports
Attack traffic top ports

DDoS attacks

In addition to observations on attack traffic, the State of the Internet Report includes insight into distributed denial of service (DDoS) attacks based on reports from Akamai customers.

For the first time since the fourth quarter of 2012, when Akamai began reporting on DDoS attacks, fewer attacks were reported than the previous quarter.

In Q3 2013 there were 281 observed attacks, compared to 318 during the second quarter (down 11 percent).

However, Akamai saw more attacks through the third quarter of 2013 (807) than it did in all of 2012 (768).

The Enterprise sector continued to be the leading target of DDoS attacks with 127 reported in the third quarter; Commerce was next with 80, followed by Media & Entertainment (42), Public Sector (18) and High Tech (14).

“Although the number of DDoS attacks reported by Akamai customers in the third quarter declined from the previous quarter, we believe that 2013 will ultimately be a significantly more active year for DDoS attacks than 2012,” Belson said.

“As of the end of the third quarter, customers had already reported more DDoS attacks than they did in all of 2012.”

DDoS attacks by sector
DDoS attacks by sector

Akamai has also started to examine the likelihood that attack targets may be subject to follow-up attacks.

Out of the 281 third-quarter attacks, 169 were focused on unique targets. During the quarter, 27 customers were attacked for a second time; five reported three attacks; and seven companies were attacked more than three times.

Initial analysis of the data indicates that if a company is the target of a DDoS attack, there is a 25 percent chance that it could be attacked again within three months.

Repeated DDoS attacks
Repeated DDoS attacks

More on security

Israeli defense computer hacked

US courts targeted in cyber attack

US government panel urges shutdown of NSA phone spying

German watchdog kept mass cyber-crime alert quiet for weeks

Latest news

Partner Content

Show comments


Share this article
Most attacked ports, DDoS details revealed