Memcached Reflection Attack Vector Powers Record DDoS Attack Volume | eWeek

DDoS Attacks Set New Record While Credential Abuse Attacks Decline

1088_DDosAttacksCredential
Jun 29, 2018
2 minute read
eWeek content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More


DDoS Attacks Set New Record While Credential Abuse Attacks Decline

DDoS Attacks Set New Record While Credential Abuse Attacks Decline

Akamai released its State of the Internet Security Summer 2018 report on June 26, providing insight into the current state of web application and distributed denial-of-service (DDoS) attacks. The 28-page report takes a specific look at credential abuse attacks against the hotel and travel industry, finding that attacks have leveled off over the last three months after reaching a peak at the end of January. The report also found that DDoS attack volume reached a record high of 1.35T bps, powered by a memcached reflection attack vector. On average, Akamai found that over the last six months, organizations faced an average of 41 DDoS attacks. In this slide show, eWEEK looks at some of the highlights of Akamai’s State of the Internet Security Summer 2018 report.


DDoS Sets New Record

DDoS Sets New Record

The largest DDoS attack seen by Akamai over the last six months was a 1.35T-bps attack that occurred at the end of February. The attack made use of misconfigured memcached servers to reflect and amplify attack volume.


UDP Fragments Often Used in DDoS Attacks

UDP Fragments Often Used in DDoS Attacks

Looking at DDoS attack vector frequency, Akamai found that UDP fragments were the top vector for infrastructure layer attacks.


Organizations Repeatedly Hit by DDoS Attacks

Organizations Repeatedly Hit by DDoS Attacks

Over the last six months, Akami found that organizations were hit with a DDoS attack an average of 41 times.


Hotel and Travel Credential Abuse Declines

Hotel and Travel Credential Abuse Declines

Hotel and travel sites were heavily targeted at the beginning of 2018 by attackers looking to use fraudulent or stolen credentials. Akamai found that attacks declined significantly in February as operators closed down multiple routes that were sources of malicious traffic.


Advertisement

SQL Injection Remains Top Web Attack Vector

SQL Injection Remains Top Web Attack Vector

Fifty-one percent of web application attacks seen by Akamai from November 2017 until April 2018 used SQL injection (SQLi) as an attack vector.


U.S. Remains Top Target

U.S. Remains Top Target

While attackers go after targets all around the world, the United States is by far the most attacked country.

eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.