Categories: SecurityWorkspace

Super-Charged DDoS Attacks Spike In 2012

This year has seen distributed denial of service (DDoS) attackers increase the power of DDsS attacks massively, according to figures exclusively shown to TechWeekEurope.

DDoS attacks see servers overwhelmed with traffic, causing a target’s website to go down. All kinds of organisations use DDoS attacks, from hacktivists like Anonymous to private companies wanting to stymie competition, and figures have shown they are upping their efforts.

The average size of an attack went up 27 percent in 2012, hitting 1.56Gbps in June, compared to 1.23Gbps in 2011, second quarter data from anti-DDoS vendor Arbor Networks showed. June’s average attack speed was 82 percent up on the same month in 2011.

There was also a return to growth in super-powered hits, with a 105 percent rise in the proportion of DDoS attacks measuring in at over 10Gbps. Between 2011 and 2010 that proportion was down 34 percent.

Multi-vector DDoS attacks

Arbor told TechWeekEurope that attackers were increasingly combining big volumetric attacks with stealthy application-level attacks, which are harder to identify due to a lower level of traffic.

“We are still seeing a lot of the more stealthy application layer attacks going on out there, although now they are quite often accompanied by a volumetric attack.  Attackers have learned that by generating application and volumetric attacks (multi-vector ) at the same time they can take sites and services down, and keep them down, for longer periods,” said Darren Anstee, solutions architect at Arbor.

“Using multiple vectors makes it more difficult for operational security teams to figure out exactly what is going on, as different parts of the attack can impact different areas of infrastructure. Application layer attacks target the application servers, state-exhaustion attacks target firewalls, load balancers etc.”

Despite the rise in DDoS power, the highest powered attacks have hit something of a plateau. The biggest monitored attack so far this year came in at 100.84Gbps, lasting 20 minutes, where 2011’s record of 101.394Gbps has not yet been surpassed in 2012.

“It does appear that on the Gigabit per second side of things, right at the top end, attacks sizes may have plateaued.  Why?  It could be that 100Gbps of attack traffic  is ‘all’ that is required to take down anything that has been targeted thus far, or, we could have reached some kind of limitation in some of the tools,” Anstee said.

For the first time, the port used for Xbox Live connections (port 3074) showed up on Arbor’s findings, taking up 0.76 percent of attacks. Port 80, used by the HTTP protocol, is the prime target for DDoSers, with 29 percent of strikes hitting it in Q2.

“There are unfortunately quite a lot of attacks between on-line gamers (this is multiplayer online gaming, rather than gambling).  These attacks are used either to give one player an advantage over another, or avenge a defeat,” Anstee added.

Botnets are a major part of the problem, as TechWeekEurope’s recent investigation into the underground DDoS market found. Law enforcement and industry firms continue to work with one another on knocking down botnets, as seen in last week’s effort to kill off super-spammer Grum. But most believe arrests are needed to truly counter the rise of malicious networks.

Are you a security pro? Try our quiz!

Thomas Brewster

Tom Brewster is TechWeek Europe's Security Correspondent. He has also been named BT Information Security Journalist of the Year in 2012 and 2013.

View Comments

    • Hi,

      Data comes from Arbor Networks' ATLAS initiative, which gets data from over 230 ISPs and from across its own user base, monitoring almost real-time information. ATLAS monitors a big portion of Internet traffic, reaching peaks of over 34Tbps.

      Thanks
      Tom Brewster, Deputy Editor

Recent Posts

UK’s CMA Readies Cloud Sector “Behavioural” Remedies – Report

Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector

11 hours ago

Former Policy Boss At X Nick Pickles, Joins Sam Altman Venture

Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…

14 hours ago

Bitcoin Rises Above $96,000 Amid Trump Optimism

Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…

15 hours ago

FTX Co-Founder Gary Wang Spared Prison

Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…

16 hours ago