09:13 | 01/06/2017 Science - Technology
(VEN) - Verisign just released its Q1 2017 DDoS Trends Report, which represents a unique view into the attack trends unfolding online, through observations and insights derived from distributed denial of service (DDoS) attack mitigations enacted on behalf of Verisign DDoS Protection Services.
Verisign saw a 23 percent decrease in the number of attacks in Q1 2017; however, the average peak attack size increased 26 percent compared to the previous quarter. Overall, average peak attack sizes have been noticeably larger since Q1 2016, with peak sizes over 10 Gigabits per second (Gbps).
The largest volumetric and highest intensity DDoS attack observed by Verisign in Q1 2017 was a multi-vector attack that peaked over 120 Gbps and around 90 Million packets per second (Mpps). This attack sent a flood of traffic to the targeted network in excess of 60 Gbps for more than 15 hours. The attack was notable because the attackers were persistent, sending attack traffic on a daily basis for over two weeks. The attack consisted primarily of TCP SYN and TCP RST floods of varying packet sizes and employed one of the signatures associated with the Mirai IoT botnet. The event also included UDP floods and IP fragments which increased the volume of the attack.
Fifty-seven percent of the DDoS attacks mitigated by Verisign in Q1 2017 employed multiple attack types. Forty-six percent of DDoS attacks were UDP Floods.
TCP-based attacks were the second most common attack vector, making up 33 percent of attack types in the quarter.
The IT/Cloud/SaaS industry, representing 58 percent of mitigation activity, was the most frequently targeted industry for the tenth consecutive quarter. The Financial Sector industry experienced the second highest number of DDoS attacks, representing 28 percent of mitigation activity. This is a large increase from the 7 percent mitigation during the prior quarter.