Q1 2015 set a new record for the number of DDoS attacks observed across the PLX routed network--a jump of more than 35 percent over the last quarter, says the report. Not only has the volume of attacks increased, the profile has also changed. Last year, high bandwidth and short duration attacks were the norm. But in Q1 2015, the typical DDoS attack was less than 10 gigabits per second (Gbps), and endured for just over 24 hours. There were eight mega-attacks in Q1, each exceeding 100 Gbps. While that was one fewer mega-attack than in Q4 2014, such large attacks were rarely seen a year ago. The largest DDoS attack observed in Q1 2015 peaked at 170 Gbps.
The stats (compared to Q4 2014)
* 35.24% increase in total DDoS attacks
* 22.22% increase in application layer (Layer 7) DDoS attacks
* 36.74% increase in infrastructure layer (Layer 3 & 4) DDoS attacks
* 15.37% percent decrease in average attack duration (24.82 vs. 29.33 hours)
During the past year, DDoS attack vectors have also shifted. This quarter, Simple Service Discovery Protocol (SSDP) attacks accounted for more than 20 percent of the attack vectors, while SSDP attacks were not observed at all in Q1 or Q2 2014. SSDP comes enabled by default on millions of home and office devices—including routers, media servers, web cams, smart TVs and printers—to allow them to discover each other on a network, establish communication and coordinate activities. If left unsecured and/or misconfigured, these home-based, Internet-connected devices can be harnessed for use as reflectors.
Gaming has remained the most targeted industry since Q2 2014, consistently being targeted in 35 percent of DDoS attacks. The software and technology sector was the second most targeted industry in Q1 2015, with 25 percent of the attacks.
Add new comment