Skip to main content

DDoS is an increasing threat, with some mammoth attacks being launched

DDoS (distributed denial-of-service) attacks continue to be a thorn in the side of various companies, as the latest stats from threat protection firm Arbor Networks show that the number of such attacks has increased strongly.

Arbor’s data for Q1 of this year shows that extremely high volume attacks are up, and that the largest attack ever detected by the company’s ATLAS threat intelligence infrastructure happened last quarter. This was a staggering 334Gbps DDoS attack which hit a network operator in Asia.

In the first quarter of 2015, there were 25 attacks which exceeded the 100Gbps level.

Arbor explains that most of these huge DDoS assaults are driven by a “reflection amplification technique” that lets the attacker considerably magnify the amount of traffic they can generate. The security firm further notes that many ISPs still need to utilise filters to block traffic with a spoofed IP address which would help to stop this technique.

Interestingly, Arbor also found that attacks are shorter right now, with 90 per cent lasting for just an hour. This contradicts Kaspersky’s findings we reported earlier today, with only a third of those surveyed by Kaspersky saying that DDoS attacks which affected their organisation lasted for a few hours – while 21 per cent said attacks lasted for a couple of days, or even weeks in some cases.

Darren Anstee, Director, Solutions Architects, at Arbor Networks, commented: “Attacks that are significantly above the 200Gbps level can be extremely dangerous for network operators and can cause collateral damage across service provider, cloud hosting and enterprise networks.

“DDoS attacks continue to evolve. Not only have volumetric attacks grown significantly in size and frequency over the past 18 months, application-layer attackers are also still pervasive. In order to deal with the full scope of the modern DDoS threat, we strongly recommend a multi-layered defence, one that integrates on-premise protection against application-layer attacks with cloud-based protection against higher magnitude volumetric attacks.”