<img alt="" src="https://secure.leadforensics.com/89462.png" style="display:none;">

DDoS Threat Report 2017 Q2

UDP-based (user datagram protocol) attacks increased by 15 percent this quarter, targeting hijacked devices connected to the Internet of Things (IoT).

  • UDP-based (User Datagram Protocol) attacks accounted for 77.4%, representing a 15% increase over Q1.
  • 23.68% of attacks targeted a single vector, while the rest (76.32%) were blended, multi- vector attacks.
  • More than 64% of attacks lasted less than 90 minutes; only 2.3% lasted longer than 1,200 minutes (20 hours).
  • 90% of attacks were smaller than 10Gbps (that’s large enough to knock a firewall or IPS offline, or take down networks that don’t have high-capacity, anti-DDoS mitigation).
  • About 34% of attacks originated from the People’s Republic of China (PRC), while 20.9% and 10.1% had IP sources, respectively, in the US and Switzerland.
  • Within the Asia Pacific region (APAC), about 75% of attacks originated from the PRC, 11% from Hong Kong, and 3.5% from Australian IP addresses.
2017_Q2

 

UDP Flood (User Datagram Protocol) was the most common DDoS method used in the quarter, surging 168% beyond Q4 2016’s level. Similar to SYN Flood by nature, UDP Flood is faster, simpler, and cheaper to launch through botnets, including hijacked IoT devices. It can also easily be manipulated to leverage an amplification factor to increase the attack size exponentially. The spread of IoT botnets over the past year is believed to have fueled the substantial growth of UDP-based attacks in recent quarters.

You may be interested in

DDoS Threat Report 2020 Q2

Attackers shifted tactics in Q2 2020, with a 570% increase in bit-and-piece DDoS attacks compared to the same period last year. Perpetrators used bit-and-piece attacks to launch various amplification and elaborate UDP-based attacks to flood target networks with tra...

DDoS Threat Report 2020 Q1

In the first quarter of the year, DDoS attacks rose more than 278% compared to Q1 2019 and more than 542% compared to the last quarter. While working from home has become the new norm due to COVID-19 pandemic restrictions, heavy use and reliance of online services ...

DDoS Threat Report 2019 Q4

An unprecedented concentration of DDoS attacks on US networks was observed, with more than 1,000 victims identified in various states. Whether motivated by politics, profiteering, crime or other malicious purposes, attacks were frequent and impactful. What’s more, ...

DDoS Threat Report 2019 Q3

DNSSEC (Domain Name System Security Extensions) remain the main driver of growth of DNS amplification attacks in the quarter, yet our analysts have detected a sharp and concerning rise in TCP SYN Flood attacks. TCP SYN Flood is not a new method, but findings indicate that techniques have grown in...

DDoS Threat Report 2019 Q2

DNS amplification attacks swelled in Q2 2019, with the amplified attacks spiking more than 1,000% compared with Q2 2018. Nexusguard researchers attributed Domain Name System Security Extensions (DNSSEC) with fueling the new wave of DNS amplification attacks, which accounted for more than 65% of t...