Arbor Networks today released its Global DDoS Attack Data for the first half of 2016 affirming continued escalation in both the size and frequency of denial-of-service (DDoS) attacks.

— “DDoS remains a commonly used attack type due to the ready availability of free tools and inexpensive online services that allow anyone with a grievance and an internet connection to launch an attack.”

— Arbor’s data is gathered through the Active Threat Level Analysis System (ATLAS), a collaborative partnership between the company and over 330 service provider customers who share anonymous traffic data with Arbor. ATLAS has recorded the following:

• An average of 124,000 events per week over the last 18 months.
• A 73% increase in peak attack size over 2015, to 579Gbps.
• 274 attacks over 100Gbps monitored in 1H 2016, versus 223 in all of 2015.
• 46 attacks over 200Gbps monitored in 1H 2016, versus 16 in all of 2015.
• USA, France and Great Britain are the top targets for attacks over 10Gbps.

— Large DDoS attacks do not require the use of reflection amplification techniques: “LizardStresser, an IoT botnet was used to launch attacks as large as 400Gbps targeting gaming sites worldwide, Brazilian financial institutions, internet service providers (ISPs) and government institutions.”

— Average is large enough: “A 1 Gbps DDoS attack is large enough to take most organizations completely offline. Average attack size in 1H 2016 was 986Mbps, a 30% increase over 2015. Average attack size is projected to be 1.15Gbps by end of 2016.”

— ATLAS Digital Attack Map: Shown below is a snapshot of a visualization of global attack traffic created in collaboration with Google Ideas.  Source: Arbor Networks / 19 July 2016 / View Live