In Q3 2016, reflection-based DDoS attacks decreased, while botnets picked up more headlines. The quarter did, however, see a few notable DDoS attacks that made international news: one targeting Brian Krebs, a journalist covering the cybercrime beat, and another hitting OVH, an Internet hosting provider. Both attacks utilized botnets, which isn’t rare, although the speeds with which they were launched were unprecedented for botnets. A branch of the jgamblins github containing the source code can be seen here: https://github.com/kingtuna/Mirai-Source- Code. The botnet (Mirai) consisted of systems that were on-boarded via telnet password cracking in a process that the coder described as a real-time load. It’s interesting that the botnet used GOLang to control the environment (we switched over C for our service emulation).
Overall, the quarter was characterized by a daily downtick in the average number(1269) of reflection-based DDoS attacks, a decrease on nearly 40%.