DDoS Threat Report 2018 Q1

Looking at the historical landscape clearly shows cyber perpetrators dogged pursuit of stronger firepower. Two waves of amplification attacks have come to the forefront recently: The first wave consisted of DNSSEC Amplification attacks observed in our Q4 2017 Threat Report, while the second one appeared this quarter in the form of Memcached attacks.

  • DNS Amplification attacks surged 201.42% quarter-on-quarter (QoQ) and 660.92% year-on-year (YoY).
  • 55 of the attacks were due to exploited Memcached servers.
  • The amplification factor of attacks leveraging Memcached servers can go as high as 51,000X.
  • Two-vector attacks were primarily NTP and DNS Amplification attacks using UDP in a volumetric role.
2018Q1

Nexusguard’s honeypot collected lots of information about Memcached attacks. Source IPs gathered from the scanning logs are believed to be bot/attacker IPs since valid addresses had to be used to check the Memcached server and accept return traffic. The attack log shows that perpetrators spoofed the source IP to the victim IP so the Memcached server would forward attack traffic directly to victims.

You may be interested in

DDoS Statistical Report for 1HY 2023

The DDoS Statistical Report for 1HY 2023 shows significant changes in attack patterns and trends in the first half of 2023, revealing details of attack size, duration, types, categories, distribution and targets.

The most common attack types in 1HY 2023 were NTP Amplification Attacks and ...

DDoS Statistical Report for 2022

This is the Distributed Denial of Service (DDoS) Statistical Report for 2022. This comprehensive report unveils the global shift in the DDoS threat landscape, providing key observations, metrics, and trends for the year. Discover the types of att...

DDoS Statistical Report for 1HY 2022

In the first half of 2022, the total attack count and average attack size increased by 75.60% and decreased by 55.97% respectively compared to the figures recorded in the second half of 2021. Compared to the second half of 2021, the maximum attack size...

DDoS Statistical Report for 2021

In 2021, the total attack count and average attack size both fell by 13.32% and 50.00% respectively compared to the figures registered in 2020. Compared to 2020, the maximum attack size increased by 296.62%, with the maximum attack size clocking in at 699.20 Gbps. Besides, Read More >

DDoS Threat Report 2021 Q3

Q3 saw a notable trend in which attackers launched DDoS attacks at single targets within a CSP, attributing an attack size increase of 544% QoQ and 232% YoY. Over 55% of attacks focused on hitting a specific service with high volumes of traffic simultaneously, and according to our research, sever...