Some of the emerging DDos trends are targeting of internet service providers and carrier-router in fractures. 74.7 percent of attacks targeted infrastructures. Favored attacks types were: SYN, ICMP, UDP, HTTP GET. Prolexic mitigated more DDos attacks than ever in Q2 2013.
2. www.prolexic.com
Prolexic Global DDoS Attack Report: Q2 2013
• What happened in Q2 2013?
– Average bandwidth reached 49.24 Gigabits per
second (Gbps)
– Packet-per-second (pps) rate averaged 47.4
million
– Average attack duration increase to 38 hours
– DDoS attacks got bigger, stronger and longer
2
May 2013 www.prolexic.com
4. www.prolexic.com
Emerging DDoS trends
• Identified trends:
– Targeting of Internet service providers (ISPs) and
carrier-router infrastructures
– High average packets-per-second (pps)
• Average pps exceeds the capacity of most DDoS
mitigation equipment
• Even routers carrying traffic to DDoS mitigation
equipment would be strained at this level
• See full report for details on pps trends
4
5. www.prolexic.com
Analysis of DDoS attack types in Q2 2013
• 74.7 percent of attacks targeted infrastructure
• Favored attack types were:
– SYN: 33 percent (infrastructure)
– ICMP: 15 percent (infrastructure)
– UDP: 10 percent (infrastructure)
– HTTP GET: 21 percent (application)
• Download the full report for percentages and graphs by attack
type, including attack volume and trends
5
6. www.prolexic.com
DDoS attack frequency in Q2 2013
• Prolexic mitigated more DDoS attacks than
ever in Q2 2013
• April was the busiest month: 39.7% percent of
all attacks
• April 8-14 and April 15-21 were the most
active weeks
6
7. www.prolexic.com
DDoS attack frequency in Q2 2013 vs. Q2 2012
• The chart shows the percent change in the number
of attacks by week from Q2 2012 to Q2 2013
7
9. www.prolexic.com
Case study: 167 Gbps DrDoS attack
• The largest attack that Prolexic has mitigated
• Leveraged misconfigured DNS servers for
distributed reflection denial of service (DrDoS)
attack
• Used amplification tactics to increase strength
• Attackers probably used a DDoS-as-a-service
stresser or booter suite with root/system-level
access
• Get the Q2 2013 DDoS Attack Report for specific attack vectors and
traffic distribution used in this attack
9
10. www.prolexic.com
Prolexic Global DDoS Attack Report: Q2 2013
• Download the Prolexic Q2 2013 Global DDoS Attack Report for:
– Average and trends in attack duration and bandwidth
– Total number and trends of attacks by type
– In-depth case studies
– Year-over-year and quarter-over-quarter comparisons
– A look forward at emerging DDoS trends
• Prolexic Technologies is the world’s largest and most trusted
distributor of DDoS protection and mitigation services.
• Prolexic Security and Engineering Response Team (PLXsert)
monitors the global malicious cyber threats and actively analyzes
DDoS attacks using proprietary techniques and equipment.
10