Number of DDoS Attacks Soar, but Their Duration Is Down in Q1: Akamai

Akamai reported that the number of high-bandwidth DDoS attacks rose 125 percent in the Q1, but the average attack duration fell 35 percent from a year earlier.

There are multiple DDoS attack vectors used in modern attacks, but topping the list at 27 percent are UDP (User Datagram Protocol) fragments.

The largest DDoS attack Akamai reported in the first quarter was 289G bps, down from the 309G-bps top attack in the fourth quarter.

While DDoS attacks vary in length, Akamai found over the course of the first quarter of 2016, the average duration was just over 16 hours—a 35 percent drop from the 25-hour average reported in the first quarter of 2015.

DDoS attacks can originate anywhere in the world, but the report noted China was the top source in the first quarter, accounting for more than a quarter (27 percent) of all observed attacks.

Akamai reported that in the first quarter reflection attacks, or attacks that abuse misconfigured functionality in other services to amplify or “reflect” an attack, grew to almost one-third of all DDoS attacks.

Looking at the broader Web-application attack landscape, Akamai found that nearly half (47 percent) of observed attacks were SQL injections.

While China was the top source of the DDoS attacks Akamai observed in the first quarter, the country tied for third place with the Netherlands as the top source countries for Web-application attacks. The United States leads the list for Web-application attacks, with 43 percent of attacks in the first quarter of 2016.