DDoS attacks: 150Gb per second and rising

Distributed denial of service (DDoS) attacks, favoured tactic of hacktivists and extortionists alike, are getting bigger, more numerous, and even smarter.
Written by Stilgherrian , Contributor

Play audio version

On this week's Patch Monday podcast (on Tuesday, thanks to yesterday's public holiday across most of Australia) you'll hear an overview of the current trends in DDoS.

"Certainly, attacks are on the increase, and the size of attacks are also increasing," said Alex Caro, Akamai Technologies' chief technology officer and vice-president of services for Asia Pacific and Japan.

Akamai saw DDoS attacks against their customers double in number between 2010 and 2011, and the company expects this trend to continue for 2012.

"The biggest attack that we've seen is around 150 gigabits per second, and we expect much larger attacks in the future," Caro said.

But even that level of malicious traffic is easily absorbed, he said.

"Today, we're probably serving eight, maybe ten terabits per second of traffic at peak, so a 150 gigabit per second denial of service attack is actually fairly small when all is said and done."

Other attacks seen by Akamai have continued for months.

According to information security vendor Imperva's Hacker Intelligence Initiative, Monthly Trend Report #12 (PDF), DDoS attacks are cheap and easy to conduct, because there's no need to penetrate the network — and so there's no need to identify vulnerabilities to disrupt a web application. Nevertheless, attackers are getting smarter.

"Attackers realise that, instead of firing a really ridiculous amount of traffic to take down a website, they could use some more clever traffic in order to shut it down [with] much less effort," said Tal Be'ery, web security research team leader at Imperva.

"In previous years, they've focused on really flooding the network ... with UDP packets and so forth. In order to do that, you need a lot of firepower. And now, they're going up the application stack and going to the HTTP, and even to the application layer."

Caro and Be'ery also outline the broad strategies for defending against DDoS.

To leave an audio comment on the program, Skype to stilgherrian, or phone Sydney +61 2 8011 3733.

Running time 23 minutes, 42 seconds.

Editorial standards