DDoS attacks hit record peak: Akamai

The latest State of the Internet report from Akamai Technologies has found that DDoS attacks reached peak levels in Q3 2015, with online gaming receiving half of the total recorded DDoS attacks.
Written by Asha Barbaschow, Contributor

In the third quarter of 2015, distributed-denial-of-service (DDoS) attacks reached a new record, with Akamai Technologies reporting a 180 percent increase over Q3 2014 and a 23 percent increase over this year's second quarter.

In its latest report, Akamai's State of the Internet: Security Q3 2015, Akamai says that despite the peak DDoS attacks, average peak bandwidth and volume, as well as attack duration, decreased.

The report [PDF] found the United Kingdom was the source country for 25.6 percent of DDoS attacks for the quarter. However, Akamai said the UK's climb to the top was indicative not of the region's strengthening underground, rather as a result of fewer confirmed attack sources from other countries.

In Q2 2015, China was the country of origin for just over 37 percent of DDoS attacks.

According to Akamai, the online gaming sector copped the biggest blow for the three months ending September 2015, with 50 percent of all DDoS attacks heading in that direction. Software and technology suffered 25 percent of DDoS attacks, while financial services were hit by 8 percent.

Akamai said online gaming has been the number one target since the second quarter of 2014, and warned this quarter might experience history repeating itself.

"Some of the largest console gaming networks were openly and extensively attacked in December 2014 when more players were likely to be affected due to the new networked games launched for the holiday season," the report says. "At the end of 2015, it is likely we'll see a similar pattern emerge again."

Looking forward, Akamai expects DDoS attacks to remain a popular weapon of choice for attackers.

"In the coming months, we expect more records to be set for the number of DDoS attacks recorded on Akamai's routed network, though the attack vectors and methods will continue to vary," the report says.

"Expect the heavy barrage of DDoS attacks against the gaming industry to continue, as players keep looking for an edge over competitors, and security vulnerabilities in gaming platforms continue to attract attackers looking for low-hanging fruit.

"Financial services will also remain a top target given the myriad opportunities malicious actors have to extract and monetise sensitive data."

Last month, Kaspersky Lab's DDoS Intelligence Report found that financial institutions in Australia and New Zealand were among the first to fall victim to DDoS attacks in the third quarter of 2015.

Kaspersky attributed a number of the financial sector's DDoS attacks to the cyber criminal group, DD4BC, which stands for "DDoS for Bitcoin". In Q3 2015, DD4BC targeted banks, media groups, and gaming companies, and had threatened to take down their customer websites unless a ransom was paid.

In its latest report [PDF], Kaspersky found that two-thirds of internet users are worried about online financial fraud, yet 11 percent of consumers use no security solution at all to protect themselves. According to Kaspersky, concern around the vulnerability of online payment transactions is leading to an increasing number of consumers abandoning them.

"Personal financial information is clearly valuable to cyber attackers, who may be looking to exploit user details or even sell them to third parties for a profit, so it's understandable that people are increasingly concerned about the risk of online fraud," Ross Hogan, global head of the fraud prevention division at Kaspersky Lab, said.

"Banks should be putting robust solutions in place to provide their customers with confidence in the convenience of online and mobile banking. At the same time, banking customers shouldn't be letting their fears get in the way of enjoying the benefits of making financial transactions online."

Despite 65 percent of consumers are concerned about financial fraud, Kaspersky previously found that one in seven people are not sufficiently security savvy, using just one password for all of their online accounts.

"Unfortunately, many people don't have a very good understanding of the scale of internet threats and are not serious enough about protecting their personal data online, significantly increasing the risk of losing it," David Emm, principal security researcher at Kaspersky Lab, said at the time.

"A strong password that differs for each account is an important basic element of protecting your digital identity. You can think of and apply a single algorithm to create passwords which are not easily cracked but which you can easily remember."

Editorial standards