[Q3 2014]
stateoftheinternet.com
= compared to [Q2 2014] • High-bandwidth attacks (greater than 100 Gbps) jumped 183 percent • All high-bandwidth attacks used a SYN flood among multiple attack vectors • Multi-vector attacks are increasing due to ease of use and availability of toolkits available through the DDoS-for-hire underground • The number of infrastructure-layer attacks was up 2 percent • Infrastructure-layer attacks represented 89 percent of all DDoS attacks • Duration of attacks was up 29
2 / [state of the internet] / security (Q3 2014)
= the trend toward larger attacks What is driving larger attack sizes? • Attackers are taking a force not technique approach. ⁄
Previous attack trends favored reflection-based attacks using protocols such as NTP, SNMP, DNS, and CHARGEN
⁄
Malicious actors are choosing attack tools that focus on SYN and UPD payloads with long attack campaigns
⁄
The largest attacks used traditional botnet-based methods
• Multi-vector attacks are becoming the norm ⁄
More than half of all DDoS attacks used multiple attack vectors
⁄
Easy-to-use attack toolkits make sophisticated multi-vector attacks available to a larger number of malicious actors
• Evolving reflection-based attacks may also be used to generate high-bandwidth DDoS attacks 3 / [state of the internet] / security (Q3 2014)
= compared to [Q3 2013] • Attacks were larger and longer than the same quarter a year ago Average attack bandwidth increased 389 percent Peak packet-per-second volume increased 366 percent. Heavy bandwidth consumption with increased packet rate shows the growing sophistication of DDoS attacks Multi-vector attacks increased 9 percent Application layer attacks decreased 44 percent Infrastructure layer attacks increased 43 percent. Total DDoS attacks increased 22 percent
• 2014 will likely set a record for number of DDoS attacks
4 / [state of the internet] / security (Q3 2014)
= distribution of DDoS attack vectors
5 / [state of the internet] / security (Q3 2014)
= geographical source of Q3 2014 attacks
China and the U.S. continue to lead in the number of DDoS attacks Attacks from China decreased from 62 percent of malicious traffic in Q3 2013 to 20 percent Brazil’s share of DDoS traffic saw a dramatic increase, to 18 percent of the total, compared with 8 percent in Q3 2013 6 / [state of the internet] / security (Q3 2014)
= target industries in Q3 2014
7 / [state of the internet] / security (Q3 2014)
= targeted industries: analysis • As in Q2 2014, gaming was the most-targeted industry ⁄
Targeted in 33 percent of attacks
• Media was second-most targeted at 24 percent ⁄
Increased from 15 percent in Q2
• Media-focused attacks tend to coincide with political and civil issues in the news • Software and technology firms were targeted in 19 percent of attacks • Financial services, including banks and trading platforms, accounted for 9 percent of attacks ⁄
Continues a trend from Q2 2014 of fewer attacks in this industry
8 / [state of the internet] / security (Q3 2014)
= Q3 2014 state of the internet – security report Download the Q3 2014 State of the Internet – Security Report, which includes: Analysis of DDoS attack trends Bandwidth (Gbps) and volume (Mpps) statistics Year-over-year and quarter-by-quarter analysis Application layer attacks and infrastructure attacks Attack frequency, size and sources Where and when DDoSers strike How and why attackers are building DDoS botnets from devices other than PCs and servers Details of a record-breaking 321 Gbps DDoS attack Syrian Electronic Army (SEA) phishing attacks
• Learn more at www.stateoftheinternet.com/security-reports
9 / [state of the internet] / security (Q3 2014)
= about stateoftheinternet.com •
StateoftheInternet.com, brought to you by Akamai, serves as the home for content and information intended to provide an informed view into online connectivity and cybersecurity trends as well as related metrics, including Internet connection speeds, broadband adoption, mobile usage, outages, and cyber-attacks and threats.
•
Visitors to www.stateoftheinternet.com can find current and archived versions of Akamai’s State of the Internet (Connectivity and Security) reports, the company’s data visualizations, and other resources designed to put context around the ever-changing Internet landscape.
10 / [state of the internet] / security (Q3 2014)