Although, the first quarter of 2017 saw a 23 per cent decrease in the number of Distributed Denial of Service (DDoS) attacks, the average peak attack size increased 26 per cent compared to the previous quarter, a new report revealed on Wednesday.
According to VeriSign, a global leader in domain names and internet security, attackers also launched sustained and repeated attacks against their targets.
VeriSign observed that almost 50 per cent of customers who experienced DDoS attacks in Q1 2017 were targeted multiple times. Every quarter since the first quarter of 2016 has had average attack peak sizes of over 10 GBps, the company said in a statement.
DDoS attacks are now targeting victim networks at multiple network layers and attack types are changing over the course of DDoS events, thus requiring continuous monitoring to optimise the mitigation strategy.
VeriSign found that 57 per cent of DDoS attacks utilised at least two different attack types.
“User Datagram Protocol (UDP) flood attacks continue to lead in the first quarter of 2017, making up 46 per cent of total attacks in the quarter. The most common UDP floods mitigated were Domain Name System (DNS) reflection attacks, followed by Network Time Protocol (NTP) and Simple Service Discovery Protocol (SSDP) reflection attacks,” the company said.
The number of TCP-based attacks also increased making up 33 per cent of attack types in the quarter.
The largest volumetric and highest intensity DDoS attack observed in first quarter was a multi-vector attack that peaked over 120 GBps.
This attack sent a flood of traffic to the targeted network in excess of 60 Gbps for more than 15 hours. The attackers were very persistent in their attempts to disrupt the victim’s network by sending attack traffic on a daily basis for over two weeks.
At approximately 90 Mpps, the speed of the attack was the fastest pps rate observed in the quarter.
VeriSign also said that IT Services/Cloud remained the sector with the largest number of DDoS attacks and the financial sector continued to be a constant target for DDoS attacks and saw second highest number of DDoS attacks of any industry sector.