Global DDoS attacks increase 90 percent on last year

The increase of distributed denial-of-service attacks during Q4 2014 was driven by the rise of the Internet of Things, and the increasing exploitation of web vulnerabilities and botnet building.
Written by Aimee Chanthadavong, Contributor

Akamai Technologies' Q4 2014 State of the Internet - Security report has found that the number of distributed denial-of-service (DDoS) attacks nearly doubled since 2013.

The report (PDF) showed DDoS attacks increased by 90 percent from Q4 2013, and increased by 57 percent compared to the last quarter. There was also a 52 percent increase in average peak bandwidth of DDoS attacks compared to Q4 2013.

Akamai observed that the rise of Internet of Things devices is having a profound impact on the DDoS threat landscape. The report showed that SSDP flood attacks increased by 214 percent from the last quarter, with one campaign generating 106Gbps of malicious traffic.

Despite this, the report showed that attackers continued to favour force over technique in their approach, which was aided by the exploitation of web vulnerabilities, the addition of millions of exploitable internet-enabled devices, and botnet building.

Attackers also leveraged multiple attack vectors during Q4. In the quarter, 44 percent of DDoS attacks leveraged multiple attack vectors, representing an 88 percent increase in the number of multi-vector attacks since Q4 2013. Akamai said the expansion of the DDoS-for-hire market promoted the execution of multi-vector campaigns.

Attack duration increased during the quarter by 31 percent to 29 hours, from last quarter at 22 hours. This increase is similar to a 28 percent year-over-year increase from Q3 2013, at 23 hours.

As for the timing of DDoS attacks, the report showed it was distributed evenly in Q4, a trend that Akamai said has been fueled by the increasing number of targets of greater value in previously under-represented geographic locations.

(Image: Screenshot)

Meanwhile, Akamai said the United States and China continued as the lead source countries for DDoS traffic, with the US accounting for 31.54 percent of attacks, and China for 17.61 percent. This is a change from the last quarter, where Brazil, Russia, and India dominated as the source countries for DDoS attacks.

Akamai said gaming remained the most targeted industry since Q2 2014, and experienced a 2 percent increase this quarter. In Q4, attacks were fueled by malicious actors seeking to gain media attention or notoriety from peer groups, damage reputations, and cause disruptions in gaming services. Some of the largest console gaming networks were openly and extensively attacked in December 2014, when more players were likely to be affected.

The software and technology industry, which includes companies that provide solutions such as software-as-a-service and cloud-based technologies, came in as the second most targeted industry during the quarter. According to Akamai, this industry saw the sharpest climb in attack rates, up 7 percent from last quarter to 26 percent of all attacks.

"An incredible number of DDoS attacks occurred in the fourth quarter, almost double what we observed in Q4 a year ago," said John Summers, vice president, Akamai cloud security business unit.

"Denial of service is a common and active threat to a wide range of enterprises. The DDoS attack traffic was not limited to a single industry, such as online entertainment that made headlines in December. Instead, attacks were spread among a wide variety of industries."

Editorial standards