Skip to main content

DDoS attacks are back on the rise

DDoS attacks are seeing a major rise as hackers seek more diverse threats, according to new research.

The latest State of the Internet/Security Report from Akamai reveals that the number of DDoS attacks increased by 28 per cent in the second quarter of 2017, following three consecutive quarters of activity decline, as attacks from the PBot malware hit a new high.

This growth in DDoS was bad news for UK businesses, which were the second most targeted during Q2 2017, suffering over 32.5 million attacks. The US took the unfortunate top spot, being subjected to over 122.4 million attacks in just three months.

Although based on decades-old PHP code, the PBot malware formed the strongest DDoS attacks seen by Akamai during the quarter, as attackers were able to use the code to create a mini-DDoS botnet capable of launching a 75 gigabits per second (Gbps) DDoS attack.

Attackers were also found to be becoming more persistent in their DDoS assaults, with targets being hit an average of 32 times - although one unfortunate victim, a gaming company, was attacked 558 times during the quarter - approximately six times a day on average.

The criminals also appeared to be becoming more efficient in their activities, as Akamai noted that fewer devices were used to launch the attacks, with the number of IP addresses involved in DDoS attacks dropping 98 per cent from 595,000 to 11,000.

Egypt was found to be the top originator of unique IP addresses used in frequent DDoS attacks, with 32 percent of the global total, taking top spot from the previous leader, the United States.

“Attackers are constantly probing for weaknesses in the defences of enterprises, and the more common, the more effective a vulnerability is, the more energy and resources hackers will devote to it,” said Martin McKeay, Akamai senior security advocate. 

“Events like the Mirai botnet, the exploitation used by WannaCry and Petya, the continued rise of SQLi attacks and the re-emergence of PBot all illustrate how attackers will not only migrate to new tools but also return to old tools that have previously proven highly effective.”

Michael Moore
Michael Moore is News and Features Editor working across both ITProPortal and TechRadar Pro. He has worked as a technology journalist for more than five years, including spells at one of the UK's leading national newspapers. He is interested in hearing about all the latest news and developments across the Business IT world, and how companies are using new technology to help push forward their work and make their customer's lives easier.