Q1 2016 has been incredibly interesting. New reflection services have been discovered, companies have increasingly become targets, and unexpectedly, the Number One target for DDoS attacks was DDoS researchers themselves. When analyzing our honeypot data, it came as no surprise that the majority of Internet- based scans was being conducted by research companies. But what was surprising is that the highest volume of attacks targeted researchers at Loryka LLC, which received 90 attacks in the quarter.
Currently protected by a DDoS mitigation company, Loryka was hit nearly every day, with NTP being the service of choice for the infrastructure attacks. We reached out to Justin Shattuck of Loryka who confirmed that the attacks targeted his research page (he noted that the page was just a landing page that contained no actual research data).