Overview of Prolexic Quarterly DDoS Attack Report: Q1 2013

  • 172 views
Uploaded on

Q1 2013 was quite notable for DDoS attacks. The most formidable distributed denial of service (DDoS) attacks – ever – occurred in the first quarter of 2013; more than 10 percent of attacks exceeded 60 …

Q1 2013 was quite notable for DDoS attacks. The most formidable distributed denial of service (DDoS) attacks – ever – occurred in the first quarter of 2013; more than 10 percent of attacks exceeded 60 Gigabits per second (Gbps), and volumetric bandwidth averaged an attention grabbing 48.25 Gbps.

More in: Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
172
On Slideshare
0
From Embeds
0
Number of Embeds
0

Actions

Shares
Downloads
0
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. Overview of Prolexic Quarterly DDoS Attack Report: Q1 2013IntroductionQ1 2013 was quite notable for DDoS attacks. The most formidable distributed denial of service(DDoS) attacks – ever – occurred in the first quarter of 2013; more than 10 percent of attacksexceeded 60 Gigabits per second (Gbps), and volumetric bandwidth averaged an attentiongrabbing 48.25 Gbps. Additionally, the notorious DDoS attack on Spamhaus.org occurred thisquarter.One of the most important trends was the targeting of internet service providers (ISPs) andcarrier router infrastructures. Packets-per-second (PPS) were notable as well (see the fullreport). Most DDoS mitigation equipment is limited by PPS capacity. Even routers carryingtraffic to DDoS mitigation equipment would be strained at the level seen in Q1 2013. However,because Prolexic operates upstream in the cloud, it typically intercepts traffic long before anattack saturates carrier networks, making Prolexic one of the few companies in the world thatcan mitigate the high-level of DDoS traffic experienced in Q1 2013.Analysis of Attack TypesIn Q1 2013, attackers favored launching infrastructure (Layer 3 and Layer 4) attacks directedagainst bandwidth capacity and routing infrastructure more so application layer attacks.However, application attacks were still significant. Favored attack types were SYN, GET, UDP,and ICMP floods. (Download the full report for details.)DDoS Attack Frequency in Q1: 2013 vs 2012Prolexic mitigated the most DDoS attacks ever in Q1 2013. March accounted for 44 percent ofthe Q1 2013 attacks. The most active week for DDoS attacks in Q1: March 19-26, as shownbelow.
  • 2. Overview of Prolexic Quarterly DDoS Attack Report: Q1 2013Top Ten Source Countries: DDoS Attacks in Q1 2013The first quarter revealed China as the leader of malicious traffic with 40 percent of sourcedbotnet activity. The U.S. and Germany were second and third, respectively, as shown below.Read the full Q1 2013 Global DDoS Attack Report for more details, including:• Average and trends in attack duration and bandwidth• Total number and trends of attacks by type• Year-over-year and quarter-over-quarter comparisons• Case study 1: An enterprise attack• Case study 2: Metrics from a DNS reflection and amplification attack against Prolexic,including a heat map of source countries for this attack.• A forward look at emerging DDoS trendsAbout ProlexicProlexic Technologies is the world’s largest and most trusted distributor of DDoS protection andmitigation services. Learn more at www.prolexic.com.About PLXsertProlexic Security and Engineering Response Team (PLXsert) monitors the global maliciouscyber threats and actively analyzes DDoS attacks using proprietary techniques and equipment.