Prolexic Quarterly DDoS Attack Report Q1 2013


Published on

Prolexic is the world's largest and most trusted distributed denial of service (DDoS) protection & mitigation services as well as network intrusion prevention solutions.

Published in: Technology, News & Politics
1 Like
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Prolexic Quarterly DDoS Attack Report Q1 2013

  1. 1. Overview of Prolexic Quarterly DDoS Attack ReportQ1
  2. 2. www.prolexic.comProlexic Quarterly DDoS Attack Report: Q1 2013• What happened in Q1 2013?– The most formidable distributed denial of service(DDoS) attacks to date– More than 10 percent of attacks exceeded 60Gigabits per second (Gbps)– The headline-making attack2May 2013
  3. 3. www.prolexic.comAverage Bandwidth of DDoS Attacks in Q1 2013• Volumetric bandwidth averaged an attention-grabbing 48.25 Gbps3
  4. 4. www.prolexic.comEmerging DDoS Attack Trends: Q1 2013• Important trends?– Targeting Internet Service Providers (ISPs) andCarrier router infrastructures– High average packets-per-second (PPS)• Greater average than most DDoS mitigation equipmentcapacity.• Even routers carrying traffic to the mitigationequipment would be strained at this level– See full report for details on PPS trends4
  5. 5. www.prolexic.comAnalysis of Attack Types: Q1 2013• Attackers focused on infrastructure attacks• Favored application attacks were:– SYN– GET– UDP– ICMP• Download the full report for percentages and graphs by attacktype, including attack volume and trends5
  6. 6. www.prolexic.comDDoS Attack Frequency in Q1: 2013 vs 2012• Prolexic mitigated more DDoS attacks than ever in Q1 2013• The month of March accounted for nearly half of all Q1attacks (44 percent)6
  7. 7. www.prolexic.comTop Ten Source Countries: DDoS Attacks in Q1 20137
  8. 8. www.prolexic.comDDoS Attack Case Study: An Enterprise (Q1 2013)• Case 1: Enterprise Organization– Attack traffic peaked at a massive 130 Gbps– Multiple botnets with thousands of compromisedservers– Primarily SYN, UDP and DNS floods– Modifications to attack scripts executed on the fly,requiring expertise and responsiveness to block them– Successfully mitigated by Prolexic.– Get full report for specific attack vectors and trafficdistribution and other details8
  9. 9. www.prolexic.comDDoS Attack Case Study: DNS Reflection (Q1 2013)• Case 1: DNS Reflection attack against Prolexic– New extensions such as SNSSEC are being used asattack vectors– Attack directed at on Jan 23, 2013– Malicious actor used DNS amplification techniques• 64 byte request generated a response exceeding 3,000 bytesand averaged 1,200 bytes• 18x amplification– Successfully mitigated by Prolexic– View full report for specific attack metrics, trafficdistribution, heat map of participating countries, and more9
  10. 10. www.prolexic.comProlexic Q1 2013 Global Attack Report• Download the Q1 2013 Global Attack Report for:– Average and trends in attack duration and bandwidth– Total number and trends of attacks by type– In-depth case studies– Year-over-year and quarter-over-quarter comparisons– A look forward at emerging DDoS trends• About Prolexic– Prolexic Technologies is the world’s largest and most trusteddistributor of DDoS protection and mitigation services.– Prolexic Security and Engineering Response Team (PLXsert)monitors the global malicious cyber threats and activelyanalyzes DDoS attacks using proprietary techniques andequipment.10