Skip to content ↓ | Skip to navigation ↓

A new study documenting distributed denial of service (DDoS) trends found an average of more than twelve million unique botnet-driven DDoS attacks are occurring weekly in the last 90 days, representing a 240% increase over the same period in 2013.

“Unlike network DDoS attacks, Layer 7 attack sources can’t hide behind spoofed IPs. Instead they resort to using Trojan infected computers, hijacked hosting environments and Internet-connected devices,” the report stated

“Large groups of such compromised resources constitute a botnet; a remotely controlled “zombie army” that can be used for DDoS attacks and other malicious activities.”

Key findings on network (Layer 3 & 4) DDoS attacks included:

  • Large SYN Floods account for 51.5% of all large-scale attacks
  • Almost one in every three attacks is above 20Gbps
  • 81% of attacks are multi-vector threats
  • Normal SYN flood & Large SYN flood combo is the most popular multi-vector attack (75%)
  • NTP reflection was the most common large-scale attack method in February 2014

Key findings on application (Layer 7) DDoS attacks included:

  • DDoS bot traffic is up by 240%
  • More than 25% of all Botnets are located in India, China and Iran
  • USA is ranked number 5 in the list of “Top 10” attacking countries
  • 29% of Botnets attack more than 50 targets a month
  • 29.9% of DDoS bots can hold cookies
  • 46% of all spoofed user-agents are fake Baidu Bots (while 11.7% are fake Googlebots)

“2013 was a game-changing year for DDoS attacks, with higher-than-ever attack volumes and rapid evolution of new attack methods,” the report states.

“Now, the perpetrators are looking to raise the stakes even higher by introducing new capabilities, many of which are specifically designed to abuse the weaknesses of traditional anti-DDoS solutions. As a result, in 2014, many IT organizations will need to re-think their security strategies to respond to latest Layer 3-4 and Layer 7 DDoS threats.”

Read More Here (PDF)…