Large DDoS Attacks on the Rise, Akamai Report Finds

Akamai finds an increasing volume of DDoS attacks greater than 100G bps in Q4, while the volume of web application attacks declined.

While DDoS attacks larger than 100G bps were once very rare, there were 12 such attacks in the fourth quarter. The top attack came in at a peak bandwidth of 517G bps.

Botnets remain the top source of DDoS attack traffic. Four botnets generated 10 DDoS attacks exceeding 300G bps between July 2014 and December 2016, with the Mirai IoT botnet holding the top two spots.

While DDoS is a global phenomenon, the U.S. is the top source of DDoS attack traffic, representing 24 percent of attacks in the fourth quarter of 2016.

There are a number of different technical protocols and methods that DDoS attacks can use. In the fourth quarter, UDP fragments topped the list at 27.39 percent, followed by DNS at 20.60 percent.

More than half (51.29 percent) of web application attacks in the fourth quarter made use of SQL Injection (SQLi) in an attempt to exploit vulnerable applications.

According to Akamai, in the fourth quarter of 2016, the vast majority web application attacks targeted the U.S.

In the fourth quarter, there was a 19 percent decrease in the total number of web application attacks monitored by Akamai. Also of note is the fact that there was a decrease in web application attacks coming from the U.S.