Home / Industry

Q3 2014 DDoS Trends: Attacks Exceeding 10 Gbps on the Rise

Distributed Denial of Service Trends Report
A unique view into the attack trends unfolding online for the previous quarter, including attack statistics, behavioral trends and future outlook.
(Click to Obtain Report)
Verisign just released its Q3 2014 DDoS Trends Report, which details observations and insights derived from distributed denial of service attack mitigations enacted on behalf of, and in cooperation with, customers of Verisign DDoS Protection Services from July through September of this year. Many notable observations were made, including a rise in the average number of attacks per customer, exploitation of the recently publicized SSDP vulnerability and some notable malicious code trends that will likely contribute to increased DDoS attack activity in the future.

Most notable, however, is the increase in frequency of DDoS attacks exceeding 10 Gbps in size, accounting for more than 20 percent of all mitigations, with the largest observed attack (90 Gbps) experienced by an E-commerce customer. This attack was a pulsing User Datagram Protocol (UDP) flood employed in short bursts of 30 minutes or fewer. It consisted primarily of Network Time Protocol (NTP) reflective amplification attack traffic. This activity was aimed at disrupting the critical online commerce capability of the customer and was successfully mitigated by Verisign.

With the 2014 holiday season in full swing, the E-commerce and Financial industries must be particularly vigilant and prepared for DDoS attacks during their peak revenue and customer interaction season. Historically, Verisign has seen an increase in DDoS activity against these verticals during the holidays and anticipates that this trend will continue. This highlights the need for more advanced DDoS protection capabilities other than the standard defenses of over-provisioning of bandwidth and on-premise mitigation devices, which are rendered ineffective the moment a DDoS attack exceeds an organization’s upstream bandwidth, or their Internet service provider’s capacity.

Following are highlights of various trends observed in the Q3 2014 DDoS Trends Report:

  • Attacks exceeding 10 Gbps in size increased in frequency to account for more than 20 percent of all mitigations.
  • Attackers were persistent in launching attacks against targeted customers, averaging more than three separate attempts per target.
  • For the first time, Verisign has directly observed attackers using a new protocol for UDP reflection attacks: Simple Service Discovery Protocol (SSDP / UDP port 1900).
  • The most frequently targeted industry this quarter was Media and Entertainment, representing more than 50 percent of all mitigation activity.
  • The largest attacks targeted the E-Commerce industry, with the largest peaking at more than 90 Gbps.

Access the full report here and be sure to check back in a few months to read our Q4 DDoS Trends Report.

Read more about what Verisign saw in Q2, including details about the largest attack (300 Gbps) we’ve mitigated this year—and the third largest reported attack that the Internet had ever experienced at the time.

By Verisign, A Global Provider of Critical Internet Infrastructure and Domain Name Registry Services

Verisign, a global provider of domain name registry services and internet infrastructure, enables internet navigation for many of the world’s most recognized domain names. Verisign enables the security, stability, and resiliency of key internet infrastructure and services, including providing root zone maintainer services, operating two of the 13 global internet root servers, and providing registration services and authoritative resolution for the .com and .net top-level domains, which support the majority of global e-commerce. To learn more about what it means to be Powered by Verisign, please visit Verisign.com.

Visit Page

Filed Under


Commenting is not available in this channel entry.
CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Co-designer of the TCP/IP Protocols & the Architecture of the Internet




Sponsored byDNIB.com

IPv4 Markets

Sponsored byIPv4.Global

Domain Names

Sponsored byVerisign

Threat Intelligence

Sponsored byWhoisXML API

Brand Protection

Sponsored byCSC


Sponsored byVerisign

New TLDs

Sponsored byRadix