Q4 2017 DDoS Trends Report: Financial Sector Experienced 40 Percent of Attacks

10:12 | 26/03/2018 Information Technology

(VEN) - Verisign just released its Q4 2017 DDoS Trends Report, which represents a unique view into the attack trends unfolding online, through observations and insights derived from distributed denial of service (DDoS) attack mitigations enacted on behalf of Verisign DDoS Protection Services and security research conducted by Verisign Security Services.

Verisign saw that 46 percent of attacks in Q4 2017 employed five or more attack types; however, the number of attacks have decreased since Q3 2017.

The largest volumetric and highest intensity DDoS attack observed by Verisign in Q4 2017 was a multi-vector attack that peaked approximately 53 Gigabits per second (Gbps) and around 5 Million packets per second (Mpps). The attack consisted of a wide range of attack vectors including TCP SYN and TCP RST floods, DNS amplification attacks, Internet Control Message Protocol (ICMP) floods, and invalid packets

Key DDoS trends and observations: 42 percent of DDoS attacks were User Datagram Protocol (UDP) floods; 82 percent of DDoS attacks mitigated by Verisign in Q4 2017 employed multiple attack types. The Financial industry, representing 40 percent of mitigation activity, was the most frequently targeted industry for Q4 2017. The IT/Cloud/SaaS industry, previously the most targeted industry, experienced the second highest number of DDoS attacks, representing 33 percent of mitigation activity.

Collaboration is vital for effective distributed denial of service (DDoS) mitigation. A mitigation response could often benefit from the involvement of a number of stakeholders. In an ideal scenario, all groups could work to mitigate the DDoS attack and bring the organization’s critical systems back to optimal levels as quickly as possible. This level of complex coordination has traditionally been carried out using telephones and emails.

However, there are other options for mitigation providers to help facilitate automated collaboration during a DDoS mitigation. A standard method of signaling for mitigation assistance upstream could simplify and streamline the process of coordinating the many components usually deployed in a DDoS mitigation. This is where DDoS Open Threat Signaling (DOTS) comes into play.

Minh Ky