DDoS Attacks Are in Decline in Number and Size, Akamai Report Finds

DDoS Attacks Are in Decline in Number and Size, Akamai Report Finds
Largest DDoS Attack in 1Q17 Was 120G bps
However, There Was a Decline in Large DDoS Attacks
Majority of DDoS Attacks Use Reflection
SSDP Is Leading DDoS Reflector
SQL Injection Is Most Common Web Application Attack
US Is Top Source of Web Application Attacks
US Is Also Top Target
1 of 8

DDoS Attacks Are in Decline in Number and Size, Akamai Report Finds

In the security world, there tends to be a constant stream of news about how the number of attacks is increasing, which is what makes Akamai's "First Quarter, 2017 State of the Internet/Security Report" interesting. According to the report, there was a 30 percent year-over-year decrease in the total number of distributed denial-of-service (DDoS) attacks in 1Q17. Going a step further, there was an 89 percent decrease in the number of DDoS attacks greater than 100G bps. The report isn't all good news, though: In the first quarter of 2017, there was a 35 percent increase in the total number of web application attacks, with SQL injection attacks leading the way. In this slide show, eWEEK looks at the highlights from the most recent Akamai State of the Internet/Security Report.

2 of 8

Largest DDoS Attack in 1Q17 Was 120G bps

The largest DDoS attack recorded by Akamai during the first quarter came in at 120G bps.

3 of 8

However, There Was a Decline in Large DDoS Attacks

Overall, Akamai reported a sharp decline of 89 percent year-over-year in the total number of large DDoS attacks in the first quarter of 2017. There were only two attacks of over 100G bps, down from the 19 from a year ago.

4 of 8

Majority of DDoS Attacks Use Reflection

The majority (57 percent) of DDoS attacks do not just rely on direct bandwidth to attack victims. Rather, they rely on some form of misconfigured internet service to "reflect" an attack, in effect amplifying the total attack bandwidth.

5 of 8

SSDP Is Leading DDoS Reflector

The most common type of DDoS reflector of misconfigured devices uses Simple Service Discovery Protocol (SSDP), which is found on many types of internet of things (IoT) devices.

6 of 8

SQL Injection Is Most Common Web Application Attack

Looking at web application attacks, the most common vector remains SQL injection, which accounted for 44 percent of all attacks Akamai saw in the first quarter of 2017.

7 of 8

US Is Top Source of Web Application Attacks

While web application attacks can come from anywhere in the world, the leading source according to Akamai is the U.S., with 34 percent of attacks coming from the country in the first quarter.

8 of 8

US Is Also Top Target

Not only is the U.S. the top source of web application attacks, it is also the top target of such attacks.

Top White Papers and Webcasts