According to the latest Prolexic Quarterly Global DDoS Attack Report for Q2 of 2014, distributed denial of service (DDoS) attack activity and attack sizes have remained elevated throughout the first half of this year. While DDoS activity normally fluctuates, these results are particularly significant, as activity has instead continued near Q1's record-setting levels.

Compared to this time last year, DDoS attacks have become shorter, but stronger. The report reveals average attack bandwidth is up 72% and peak bandwidth increased more than 240% since Q2 of 2013. At the same time, attack duration dropped significantly, now averaging 17 hours per attack.

Attacks are getting larger and more aggressive. Malicious actors were able to generate such large attack sizes by employing reflection and amplification techniques and by infiltrating vulnerable, but powerful, servers instead of PCs. Platform-as-a-Service (PaaS) and Software-as-a-Service (SaaS) vendors with server instances running software with known vulnerabilities, including versions of the Linux, Apache, MySQUL and Microsoft Windows server operating systems are just some of the targets for attacks. Also targeted are vulnerable versions of common web Content Management Systems (CMS), such as WordPress, Joomla, or their plugins.

Attacks involving these servers have been observed only in the most sophisticated and carefully orchestrated DDoS campaigns, the report reveals. Their high-volume infrastructure attacks have had signatures that appear to be specifically crafted to avoid detection by DDoS mitigation technology.

Even though outages are shorter than ever before, they are still clearly bad for business. Seventeen hours of unmitigated downtime is too long for nearly any industry to tolerate. Web vulnerabilities have become the gateway for some of the most sophisticated DDoS attack campaigns ever launched, and organizations and vendors including PaaS and SaaS companies cannot ignore current and future threats, the report claims.

The report also reveals that while the use of server-based botnets is on the rise, the itsokonoproblembro (Brobot) botnet may be poised for a strategically targeted return at any time. Brobot-based DDoS attacks warrant complex mitigation strategies, highly skilled expertise and sophisticated defense strategies.

The effectiveness of attacks, along with the availability of vulnerable cloud-based software, means that attacks are likely to continue, and attacks may be monetized in the underground DDoS marketplace, the report claims. They pose a significant danger to businesses, governments and other organizations that could have an entire data center taken offline for the duration of the attack.

Special Reports /

Prolexic DDoS Attack Report reveals elevated attack levels

Related Stories

Recommended For You