DDoS Threat Report 2016 Q3

In Q3 2016, reflection-based DDoS attacks decreased, while botnets picked up more headlines. The quarter did, however, see a few notable DDoS attacks that made international news: one targeting Brian Krebs, a journalist covering the cybercrime beat, and another hitting OVH, an Internet hosting provider. Both attacks utilized botnets, which isn’t rare, although the speeds with which they were launched were unprecedented for botnets. A branch of the jgamblins github containing the source code can be seen here: https://github.com/kingtuna/Mirai-Source- Code. The botnet (Mirai) consisted of systems that were on-boarded via telnet password cracking in a process that the coder described as a real-time load. It’s interesting that the botnet used GOLang to control the environment (we switched over C for our service emulation).

Overall, the quarter was characterized by a daily downtick in the average number(1269) of reflection-based DDoS attacks, a decrease on nearly 40%.




Q3 2016 said goodbye to UnrealTournament- and Sentinel-based attacks, although the number of attacks for both services was pretty small to begin with. Just as in Q2, NTP continued to reign supreme as the go-to tool for Q3 DDoS attacks in Asia. During the quarter NTP accounted for 90% of all reflective attacks — well above the global average of 66%. Chargen — NTP’s nearest “competitor” — accounted for only 6% of attacks.

You may be interested in

DDoS Statistical Report for 1HY 2022

In the first half of 2022, the total attack count and average attack size increased by 75.60% and decreased by 55.97% respectively compared to the figures recorded in the second half of 2021. Compared to the second half of 2021, the maximum attack size...

DDoS Statistical Report for 2021

In 2021, the total attack count and average attack size both fell by 13.32% and 50.00% respectively compared to the figures registered in 2020. Compared to 2020, the maximum attack size increased by 296.62%, with the maximum attack size clocking in at 699.20 Gbps. Besides, Read More >

DDoS Threat Report 2021 Q3

Q3 saw a notable trend in which attackers launched DDoS attacks at single targets within a CSP, attributing an attack size increase of 544% QoQ and 232% YoY. Over 55% of attacks focused on hitting a specific service with high volumes of traffic simultaneously, and according to our research, sever...

DDoS Threat Report FHY 2021

Small bit-and-piece DDoS attacks boomed by 233% in the first half of 2021. As the pandemic carried on into 2021, hackers experimented with new attack patterns to avoid signature-based detection. More than 99% of all DDoS attacks were smaller than 10Gbps, as we had predicted in 2020. These small, ...

Annual Threat Report 2020

This annual report is to review a year that was defined by arguably the worst pandemic the world has seen in 100 years. We look back at some of the key insights, findings and trends covered in our previous quarterly reports, and how COVID-19 impacted not only cybersecurity, but also the way we no...