HOME     MENU     SEARCH     NEWSLETTER    
NEWS & INFORMATION FOR TECHNOLOGY PURCHASERS. UPDATED 8 MINUTES AGO.
You are here: Home / Hardware / Big DDoS Attacks Hit Record in 2014
82% of the Fortune 500
Use BMC for innovative solutions & competitive business advantage.
Contact BMC to learn more.
Large-Volume DDoS Attacks Hit Record in 2014
Large-Volume DDoS Attacks Hit Record in 2014
By Jef Cozza / NewsFactor Network Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
JULY
17
2014
The number of distributed denial-of-service (DDoS) attacks set a record in the first half of 2014, according to a report by Arbor Networks. The number of attacks over 20 GB/sec doubled compared with the same period in 2013.

Although the first quarter saw the most concentrated burst of large volumetric attacks in history, things calmed down somewhat in the second quarter. The largest reported attack in the second quarter was 154.69 GB/sec, down 52 percent from Q1. That was a Network Time Protocol (NTP) reflection attack targeting a destination in Spain, Arbor Networks said.

NTP Attacks Fall, But Still Higher than 2013

Although the company said that NTP reflection attacks are still significant, attacks of that type were down in both size and scope in Q2 compared with the first quarter. Average NTP traffic volumes are falling globally, but remain above November 2013 levels (the start of NTP attack proliferation). In total, NTP represented 6 percent of DDoS attacks in Q2, down from 14 percent in Q1.

NTP attacks provide hackers with the ability to generate high-volume DDoS traffic to target Web sites or public-facing devices in order to disrupt services. Attacks of this type can be exploited remotely, with NTP exploits being publicly available. In an NTP attack, bot computers are enlisted to send a request for the correct time from an NTP server, but the return address is spoofed with the targeted Web server's address. Hence the targeted server is flooded with data on the correct time.

The number of attacks of this kind began to slow in March and into the second quarter, but still remain significantly above 2013 levels.

More and Larger

The second quarter also saw fewer very large attacks, with average attack size down by 47 percent compared with Q1. Nonetheless, more than 100 attacks larger than 100 GB/sec have been reported so far this year, an unprecedented number.

"Volumetric DDoS attacks continued to be a problem well into the second quarter," said Arbor Networks Director of Solutions Architects Darren Anstee. "The frequency of very large attacks continues to be an issue, and organizations should take an integrated, multi-layered approach to protection. Even organizations with significant amounts of Internet connectivity can now see that capacity exhausted relatively easily by the attacks that are going on out there."

Non Initial Fragment attacks still remain the most common, according to the report, although there was a significant increase in the percentage of attacks targeting domain name servers in the second quarter.

Atlas Shrugs

Despite the ominous increase in activity, the majority of attacks remain short-lived, with 90.6 percent lasting less than an hour. But Arbor says the growth trend for large attacks continues to point upward.

Arbor obtained the data through its Atlas threat monitoring infrastructure, a collaborative partnership of nearly 300 Internet service providers who share anonymous traffic data with Arbor in order to deliver an aggregated view of global traffic and threats. Atlas collects statistics that represent 90 TB/sec of Internet traffic and provides the data for the Digital Attack Map, a visualization of global attack traffic created in collaboration with Google Ideas.

The initiative provides worldwide statistics anonymously. According to the company, the system currently monitors a peak of around 90 Tbps of IPv4 traffic.

Tell Us What You Think
Comment:

Name:

Like Us on FacebookFollow Us on Twitter
TOP STORIES NOW
MAY INTEREST YOU
BMC's shared success is built on 6 fundamental principles: 1) An Intuitive User Experience 2) Agile Application 3) Actionable Intelligence 4) Adaptive Automation 5) Compliance & Risk Mitigation 6) Optimized Infrastructure & Cost. Contact BMC to learn more.
MORE IN HARDWARE
Product Information and Resources for Technology You Can Use To Boost Your Business
© Copyright 2014 NewsFactor Network, Inc. All rights reserved. Member of Accuserve Ad Network.