DDoS Attackers, Network Defense Firms Record Banner Year
A quarterly analysis of distributed denial-of-service (DDoS) attacks finds that the incidents have increased in number, volume and duration.In the last quarter of 2012, distributed denial-of-service (DDoS) attacks increased in quantity, bandwidth and duration, with seven attacks topping bandwidths of 50G bps, Internet protection firm Prolexic stated in a report released on Jan. 17. Much of the increase can be blamed on the activities of the claimed hactivist group known as the Izz ad-Din al-Qassam Cyber Fighters, which has targeted U.S. financial institutions with large-bandwidth attacks launched from compromised content-management servers. Yet the same toolkit that flooded banking sites with data has also targeted e-commerce and software-as-a-service companies, Prolexic stated in the report. "These attacks have been very, very large and very complex and they are targeting the large enterprise customers, which are the more challenging ones to defend against because they have so much Internet-facing IP-address real estate," said Scott Hammack, CEO of Prolexic. The number of attacks encountered by Prolexic in the quarter grew by nearly 28 percent, and the average bandwidth used in each attack topped 5.9G bps, up from less than 5G bps the previous quarter. The average attack duration increased to 32.3 hours, a 67 percent increase over the 19.2 hours a typical attack lasted in the third quarter of 2012. Previously, Prolexic had noted a trend toward shorter attacks.
The dramatic changes in attacks have much to do with attackers' shift to creating botnets using compromised high-bandwidth servers, rather than the motley mobs of infected home desktop computers that comprised earlier botnets. A decade ago, you would only see a 50G-bps attack a couple of times a year, but now such attacks happen nearly every week, Hammack said.