DDoS Attacks Increasing In Size And Volume As Smart Devices Are Targeted

The size and volume of Distributed Denial of Service (DDoS) attacks has increased four-fold over the past year, as hackers and cyber criminals seize control of more devices and deploy more sophisticated methods, according to research from Akamai.

The cloud services provider says there was a 339 percent year-on-year increase in average attack bandwidth as the total number of DDoS attacks rose by 22 percent.

High bandwidth and high volume attacks were made possible using multi-vector attack methods, with more than half of all attacks using such tactics, a 9 percent increase from last year. Akamai says this can be explained by better availability of toolkits and an expanded ‘DDoS for hire’ criminal industry.

DDoS increase

Attackers are also using a wider variety of devices to launch assaults, with cable modems, smartphones and embedded devices all being targeted. Hackers are also looking to gain control of Linux systems by exploiting vulnerable web- based applications in order to strengthen botnets.

“DDoS attack size and volume have gone through the roof this year,” says John Summers, vice president of Akamai’s security business unit. “. “In the third quarter alone, Akamai mitigated 17 attacks greater than 100 gigabits-per-second, with the largest at 321Gbps.

“Interestingly, we witnessed none of that size in the same quarter a year ago and only six last quarter. These mega-attacks each used multiple DDoS vectors to deliver large bandwidth-consuming packets at an extremely high rate of speed.”

Earlier this year, a 400Gbps DDoS attack targeted an unnamed CloudFlare customer in what was believed to be the largest ever assault in Europe, while Sony, Blizzard and RBS have been among firms targeted in the past year.

Akamai also noted the prominence of phishing attacks, which are still favoured by hacktivists looking to gain login credentials and confidential information. During the third quarter, CNN and the Associated Press were among those to suffer, with the Syrian Electronic Army (SEA) highlighted as a particular advocate of this type of attack.

Typically, the SEA sends emails to members of targeted organisation with a fake log-in page in the hope of tricking the user into surrendering their details. A similar tactic was employed in a recent attack on iCloud users in China, with the Chinese government suspected of orchestrating the scam, although Beijing has denied any involvement.

Are you a security pro? Try our quiz!

Steve McCaskill

Steve McCaskill is editor of TechWeekEurope and ChannelBiz. He joined as a reporter in 2011 and covers all areas of IT, with a particular interest in telecommunications, mobile and networking, along with sports technology.

View Comments

  • If the Blackhats can break into places like EBay, CIA, etc., etc., regular as clockwork, our only hope is to isolate ourselves as far as possible.
    Here are my amateur best ideas so far:

    1. Get away from anything Microsoft.
    ESpecially the Browser.
    Use Firefox or Chrome.

    2. NEVER ever open cute pictures from ANYWHERE.
    ESpecially in emails or honey-traps like FAcebook and Twitter.

    3. Change your operating System to Linux and install VBox.
    Do this and you can even still run Windows INSIDE the vault of VBox. (If you MUST)

    4. Get a second cheap PC just for connecting to the Internet as in (3).

    5. NEVER click on an email from your bank or any Authority - even your Mum, unless you check the actual url VERY carefully.

    6. I have in the past been caught by every one of these faults.
    DO NOT BELIEVE anything out there - it is a jungle.

    7. Don't worry about your password complexity. They can crack anything today, but usually simply steal it from somewhere supposedly safe.

    SO: Invent a simple phrase with 3 numbers in the middle: I hate 101 cats
    Then change it every Friday or Monday e.g. I hate 112 dogs.

    Finally, Get rid of your Credit Cards!! Get a DEBIT Card and only top it up as required on-line and from a hidden Account.

    Good Luck.....

Recent Posts

X’s Community Notes Fails To Stem US Election Misinformation – Report

Hate speech non-profit that defeated Elon Musk's lawsuit, warns X's Community Notes is failing to…

1 day ago

Google Fined More Than World’s GDP By Russia

Good luck. Russia demands Google pay a fine worth more than the world's total GDP,…

1 day ago

Spotify, Paramount Sign Up To Use Google Cloud ARM Chips

Google Cloud signs up Spotify, Paramount Global as early customers of its first ARM-based cloud…

2 days ago

Meta Warns Of Accelerating AI Infrastructure Costs

Facebook parent Meta warns of 'significant acceleration' in expenditures on AI infrastructure as revenue, profits…

2 days ago

AI Helps Boost Microsoft Cloud Revenues By 33 Percent

Microsoft says Azure cloud revenues up 33 percent for September quarter as capital expenditures surge…

2 days ago