<img alt="" src="https://secure.leadforensics.com/89462.png" style="display:none;">

DDoS Threat Report 2019 Q1

Despite the earlier FBI crackdown, the DNS amplification types of DDoS attacks continued to be a favorite of DDoS-for-hire websites, soaring more than 40 times their volume compared to last quarter. The resurgence of DDoS-as-a-service and the growing botnets reinforce the evolving cyber threat of DDoS attacks for enterprises and communications service providers (CSPs).

  • "Booter” services are still readily available to meet the incessant demand for DDoS attacks — particularly DNS Amplification attacks.
  • Bit-and-Piece attack tactics evolved, becoming more automated and targeted, with attacks on targeted IP ranges showing a more precise and consistent pattern.
  • More than 60% of application attacks originated from botnets formed by mobile gateways.
  • The continued shift to the leverage of mobile devices in attacks, which has created a new breed of botnets that caused the maximum attack durations to spike to more than 40,000 minutes at a time, or more than 27 days.



Much to our surprise, while iOS is perceived as being more secure than Android, we observed that, nevertheless, more than 20% of application attack traffic is generated by iOS devices. Whether these phones were jailbroken, infected by malware, or contain zero-day exploits, the observation suggests that all smartphones are vulnerable to being leveraged to extract a user’s sensitive data or hijacked into a botnet for launching DDoS attacks.


You may be interested in

DDoS Threat Report 2020 Q2

A shift in attack tactics by perpetrators in Q2 2020, saw a 570% increase in bit-and-piece attacks compared to the same period last year. Attackers adopted a more elaborate practise of bit-and-piece attacks to launch various amplification and UDP-based attacks to f...

DDoS Threat Report 2020 Q1

In the first quarter of the year, DDoS attacks rose more than 278% compared to Q1 2019 and more than 542% compared to the last quarter. While working from home has become the new norm due to COVID-19 pandemic restrictions, heavy use and reliance of online services ...

DDoS Threat Report 2019 Q4

An unprecedented concentration of DDoS attacks on US networks was observed, with more than 1,000 victims identified in various states. Whether motivated by politics, profiteering, crime or other malicious purposes, attacks were frequent and impactful. What’s more, ...

DDoS Threat Report 2019 Q3

DNSSEC (Domain Name System Security Extensions) remain the main driver of growth of DNS amplification attacks in the quarter, yet our analysts have detected a sharp and concerning rise in TCP SYN Flood attacks. TCP SYN Flood is not a new method, but findings indicate that techniques have grown in...

DDoS Threat Report 2019 Q2

DNS amplification attacks swelled in Q2 2019, with the amplified attacks spiking more than 1,000% compared with Q2 2018. Nexusguard researchers attributed Domain Name System Security Extensions (DNSSEC) with fueling the new wave of DNS amplification attacks, which accounted for more than 65% of t...