DDoS attacks were more frequent but smaller in Q3

Global DDoS activity surged 180% year-on-year in the third quarter to set a new record number of attacks, Akamai’s latest State of the Internet Security report indicates.

The CDN provider detected 1150 DDoS attacks across the Akamai routed network during the quarter.

But while the attacks were more frequent, on average the attacks were shorter and with lower average peak bandwidth and volume.

There were also fewer ‘mega attacks’ — defined as attacks greater than 100 Gbps. There were eight such attacks during the quarter, compared to 12 in Q2 and 17 a year ago. In addition, the largest attack measured in Q3 was 149 Gbps, compared to a peak 250 Gbps attack last quarter.

But one attack during the third quarter set a record by a different measure of attack size. A media and entertainment company was hit by an attack measuring 222 million packets per second, beating the previous record of 214 million packets per second from an attack in the second quarter.

Akamai said its analysis also shows that reflection-based DDoS attacks are proving more popular than infection-based DDoS attacks because of the advantage of not needing to spend time building and maintaining DDoS botnets.

“Although recent DDoS attacks were on average smaller and shorter [during the third quarter], they still posed a significant cloud security risk,” Akamai Vice President for Cloud Security John Summers commented.

“Attacks are being fuelled by the easy availability of DDoS-for-hire sites that identify and abuse exposed internet services, such as SSDP, NTP, DNS, CHARGEN, and even Quote of the Day.”

Image courtesy of Michael Himbeault under CC