Home / Industry

Verisign Q1 2016 DDoS Trends: Attack Activity Increases 111 Percent Year Over Year

Verisign today released its Q1 2016 DDoS Trends Report, which provides a unique view into online distributed denial of service (DDoS) attack trends from mitigations enacted on behalf of customers of Verisign DDoS Protection Services and research conducted by Verisign iDefense Security Intelligence Services.

Every industry is at risk as DDoS attacks continue to increase in size, frequency and sophistication. The most notable observation last quarter is the increase in DDoS attack activity, which was at its highest since the inception of Verisign’s DDoS Trends Report in Q1 2014. Comparing year-over-year attack activity, Verisign mitigated 111 percent more attacks in Q1 2016 than in Q1 2015.

Key Trends and Observations

  Average attack size observed by Verisign continues to be high at 19.37 Gbps, a 182 percent increase compared to Q4 2015.

  IT Services/Cloud/SaaS, representing 32 percent of mitigation activity in Q1 2016, remains the most frequently targeted industry for the sixth consecutive quarter, closely followed by Financial, representing 27 percent of all mitigations.

  User Datagram Protocol (UDP) flood attacks continue to dominate, accounting for approximately 62 percent of attacks in Q1 2016.

  Sixty-four percent of the DDoS attacks mitigated by Verisign in Q1 2016 employed more than one attack type.

Public Sector Organizations Targeted by Hacktivist DDoS Attacks

Finally, this quarter’s feature article focuses on the increase of hacktivist DDoS attacks in the Public Sector, especially with the rise in the availability and affordability of DDoS-for-hire services. Actors have flooded the networks of national government departments, academic institutions and local law enforcement websites with DDoS attacks with the intent of rendering them inaccessible—and using social media to broadcast their activity.

For more DDoS trends in Q1 2016, download the full report, and be sure to check back in a few months when we release our Q2 2016 DDoS Trends Report.

By Verisign, A Global Provider of Critical Internet Infrastructure and Domain Name Registry Services

Verisign, a global provider of domain name registry services and internet infrastructure, enables internet navigation for many of the world’s most recognized domain names. Verisign enables the security, stability, and resiliency of key internet infrastructure and services, including providing root zone maintainer services, operating two of the 13 global internet root servers, and providing registration services and authoritative resolution for the .com and .net top-level domains, which support the majority of global e-commerce. To learn more about what it means to be Powered by Verisign, please visit Verisign.com.

Visit Page

Filed Under


Commenting is not available in this channel entry.
CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Co-designer of the TCP/IP Protocols & the Architecture of the Internet



IPv4 Markets

Sponsored byIPv4.Global

Brand Protection

Sponsored byCSC


Sponsored byVerisign

Threat Intelligence

Sponsored byWhoisXML API


Sponsored byDNIB.com

New TLDs

Sponsored byRadix

Domain Names

Sponsored byVerisign