Home / Industry

Neustar Data Identifies Most Popular Times of Year for DDoS Attacks in 2015

Neustar today released preliminary data indicating April, February, October and December as the most popular months for DDoS attacks. The report, compiled from 2015 data from Neustar’s Security Operations Center (SOC), also details the rising threat of multi-vector attacks, a weapon commonly used to plant malware and extract company information.

The Timing of the Attacks

The winter holiday season accounted for 32 percent of all attacks in 2015. Attackers took note of the opportunities presented during Cyber Monday and the holiday shopping season, and timed their assaults for maximum impact.

  • October saw the highest number of attacks with 12.63 percent
  • December accounted for 11.39 percent of attacks
  • February received 10.48 percent of hits
  • April had 9.04 percent of attacks

“It’s no surprise that hackers are launching their attacks around high-transaction months,” said Peter Burke, Senior Vice President of Engineering and Operations at Neustar.

“In February and April, you’re looking at times when most people file their taxes, so it makes sense that attacks would be heightened during that time period. In the fourth quarter, you have Cyber Monday and a high volume of companies that are dependent upon ecommerce, so it’s like low-hanging fruit for attackers,” Burke concluded.

Multi-Vector Mayhem

One of the most alarming trends noted in the findings is the rise of multi-vector attacks. Rather than just use one style of method to breach a company’s infrastructure, attackers are increasingly turning to multi-vector attacks to exhaust defenses.

“Multi-vector attacks show a higher level of sophistication on behalf of the hacker,” said Burke. “Anybody can go to a stressor website and buy a cheap DDoS service, but with multi-vector attacks, the hacker is exhibiting a familiarity with attack methods and determination to potentially cause real damage,” Burke said.

Statistics from Neustar’s Security Operations Center uncovered:

  • 47 percent of all multi-vector attacks occurred in the fourth quarter
  • 42.6 percent of multi-vector attacks were less than 1 Gbps
  • 57 percent of all multi-vector attacks involved reflection attacks

“Rather than just hit with a massive DDoS strike, multi-vector attacks are more alarming because they require dexterity, familiarity with attack methods, and they can also be used as a smokescreen to insert malware and sneak out sensitive company information,” Burke added.

In late March, Neustar will release its full Security Operations Center report, which will detail attack sizes, strategies and stories from the SOC. The report is comprised of attacks that Neustar has defended on behalf of its clients in 2015. No client names or identifying information will be provided in the report.

By GoDaddy Registry, World-Leading Provider of Domain Name Registry Services

GoDaddy Registry (formerly Neustar Registry) is one of the world’s largest and leading domain name registry providers. We operate top-level domains (TLDs) on behalf of sovereign nations, city governments, global brands and domain registries so that people worldwide can bring their ideas to life online.

Visit Page

Filed Under


Commenting is not available in this channel entry.
CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Co-designer of the TCP/IP Protocols & the Architecture of the Internet



Domain Names

Sponsored byVerisign

Threat Intelligence

Sponsored byWhoisXML API

Brand Protection

Sponsored byCSC


Sponsored byVerisign

IPv4 Markets

Sponsored byIPv4.Global


Sponsored byDNIB.com

New TLDs

Sponsored byRadix