DDoS attacks: 150Gb per second and rising

Summary: Distributed denial of service (DDoS) attacks, favoured tactic of hacktivists and extortionists alike, are getting bigger, more numerous, and even smarter.

TOPICS: Security

On this week's Patch Monday podcast (on Tuesday, thanks to yesterday's public holiday across most of Australia) you'll hear an overview of the current trends in DDoS.

"Certainly, attacks are on the increase, and the size of attacks are also increasing," said Alex Caro, Akamai Technologies' chief technology officer and vice-president of services for Asia Pacific and Japan.

Akamai saw DDoS attacks against its customers double in number between 2010 and 2011, and the company expects this trend to continue for 2012.

"The biggest attack that we've seen is around 150 gigabits per second, and we expect much larger attacks in the future," Caro said.

But even that level of malicious traffic is easily absorbed, he said.

"Today, we're probably serving eight, maybe ten terabits per second of traffic at peak, so a 150 gigabit per second denial of service attack is actually fairly small when all is said and done."

Other attacks seen by Akamai have continued for months.

According to information security vendor Imperva's Hacker Intelligence Initiative, Monthly Trend Report #12 (PDF), DDoS attacks are cheap and easy to conduct, because there's no need to penetrate the network — and so there's no need to identify vulnerabilities to disrupt a web application. Nevertheless, attackers are getting smarter.

"Attackers realise that, instead of firing a really ridiculous amount of traffic to take down a website, they could use some more clever traffic in order to shut it down [with] much less effort," said Tal Be'ery, web security research team leader at Imperva.

"In previous years, they've focused on really flooding the network ... with UDP packets and so forth. In order to do that, you need a lot of firepower. And now, they're going up the application stack and going to the HTTP, and even to the application layer."

Caro and Be'ery also outline the broad strategies for defending against DDoS.

To leave an audio comment on the program, Skype to stilgherrian, or phone Sydney +61 2 8011 3733.

Running time 23 minutes, 42 seconds.


Stilgherrian is a freelance journalist, commentator and podcaster interested in big-picture internet issues, especially security, cybercrime and hoovering up bulldust.

He studied computing science and linguistics before a wide-ranging media career and a stint at running an IT business. He can write iptables firewall rules, set a rabbit trap, clear a jam in an IBM model 026 card punch and mix a mean whiskey sour.

  • But hey

    Everybody keep downplaying the importance of getting individual PC users to shape up their security practices & knowledge, and you ISPs keep denying you should quarantine your customers who are part of a botnet.
  • Until heavier punishments are dished out

    expect more of the same.

    Then you need effective international agreements spanning the globe, to minimize any weak links in the delivery chain. Good luck there.
  • Liberate Us

    It's common knowledge that the builders of invasion software will always exist ... why? Well, to answer that let me take you back to a time long forgotten. A time when the only means of communication was the phone/party line, where every neighbor for miles around would pick up on your ring just to find something to gossip about. People are and always will be dependent on each other for "got to know" junk mail. So when I see big firms and organizations falling prey to out of country hacks I am not surprised. And those easy build DDoS attacks are just more of the same ... "hey Fred look what I can do"! More press please.