Preview of NSFOCUS DDoS Threat Report 2013 Reveals 91.1 Percent of Attacks Lasted Less Than 30 Minutes
Attacks are smaller, shorter and repeating, with 63.6 percent of victims being attacked multiple times
SANTA CLARA, Calif.--(BUSINESS WIRE)--NSFOCUS, Inc. (NSFOCUS), a global provider of solutions and services for distributed denial-of-service (DDoS) detection and mitigation, today released the top 10 findings of its soon-to-be published DDoS Threat Report 2013. The preview of this semi-annual report highlights the latest DDoS trends and statistics based on 244,703 incidents observed by the NSFOCUS Threat Response and Research (TRR) team or mitigated by the Managed Security Service (MSS) team in 2013 from a global mix of large enterprises, financial institutions, regional telecom operators, and tier-1 and tier-2 data centers and hosting companies.
“Attackers are smarter than ever before. ‘Hackernomics,’ deploying whatever form of attack causes the most damage with minimal effort, is driving the change in tactics. Businesses that fail to take the threat of DDoS attacks seriously run the risk of lost revenue and damaged reputations.”
The top 10 findings reveal that DDoS attacks in 2013 were short in duration, small in size and frequently repeating, showing that attackers are evolving their methods to achieve the maximum amount of damage using few resources. Highlights of the findings include:
- Overall, 91.1 percent of attacks lasted less than 30 minutes.
- A total of 79.8 percent of all attacks were 50 Mbps or less. Only 0.63 percent of all attack incidents were 4 Gbps or more.
- Of targeted victims, 63.6 percent were attacked more than once.
- DNS_FLOOD significantly increased from 13.1 percent during the first half of the year to 50.1 percent in the second half. Domain name system (DNS) infrastructure is still extremely vulnerable and remains one of the top DDoS attack targets.
- The longest single attack lasted 1,666 hours – 69 days and 10 hours.
- The highest frequency a single victim experienced was 319 separate DDoS attacks within a six-month period.
- Attacks targeting Internet service providers increased from 1.1 percent in the first half of the year to 7.8 percent in the second half. Attacks targeting the online game sector have risen to 5 percent of the total.
- “Hacktivism” remained the top motive, with 40.72 percent of DDoS attacks targeting government entities and non-governmental organizations (NGOs).
“DDoS is an effective cyber method for shutting down businesses and derailing operations and revenue. In 2013, we saw cyberattackers employ sophisticated techniques and persistent processes to go after their targets,” said Frank Ip, vice president of U.S. operations for NSFOCUS. “Attackers are smarter than ever before. ‘Hackernomics,’ deploying whatever form of attack causes the most damage with minimal effort, is driving the change in tactics. Businesses that fail to take the threat of DDoS attacks seriously run the risk of lost revenue and damaged reputations.”
The NSFOCUS DDoS Threat Report 2013, which provides in-depth details of statistical analysis and observations, will be available in March 2014. For the full list of the Top 10 Findings, visit here.
Founded in 2000, NSFOCUS, Inc. (NSFOCUS) provides enterprise-level carrier-grade solutions and services for distributed denial-of-service (DDoS) mitigation, Web security and enterprise-level network security. With more than 13 years of experience in DDoS research, development and mitigation, NSFOCUS has helped customers around the world maintain high levels of Internet security, website uptime and business operations to ensure that their online systems remain available. The NSFOCUS Anti-DDoS System (ADS) empowers customers to find and fend off a variety of incidents, from simple network-layer attacks to more sophisticated and potentially damaging application-layer attacks, all while guaranteeing legitimate traffic gets through to networks and corporate-critical systems. For more information, visit www.nsfocus.com.