Verisign Releases Q4 2016 DDoS Trends Report: 167% Increase in Average Peak Attack from 2015 to 2016

Home / Industry

Verisign Releases Q4 2016 DDoS Trends Report: 167% Increase in Average Peak Attack from 2015 to 2016

	By Verisign (Sponsored Post) A Global Provider of Critical Internet Infrastructure and Domain Name Registry Services
	February 14, 2017 Views: 15,089

Verisign DDoS Trends Report – Volume 3, Issue 4, 4th Quarter 2016 – Click to DownloadVerisign has just released the Q4 2016 DDoS Trends Report with a unique view into the attack trends unfolding online through observations and insights derived from distributed denial of service (DDoS) attack mitigations enacted on behalf of Verisign DDoS Protection Services, and security research conducted by Verisign iDefense® Intelligence Services.

Overall, average peak attack sizes in 2016 were larger than in previous years. Verisign observed a 167 percent increase in average peak attack size (16.1 Gigabits per second (Gbps))—compared with 2015 (6.02 Gbps).

The largest and highest intensity DDoS attack observed by Verisign in Q4 2016 was a multi-vector attack, which peaked at over 125 Gbps and around 50 Million packets per second (Mpps). The attack was notable because attackers were persistent, sending attack traffic on a daily basis for almost an entire month. The attack consisted of Domain Name System (DNS) Reflection and Internet Control Message Protocol traffic and the attackers switched periodically to TCP SYN and TCP Reset floods peaking at approximately 70 Gbps and 50 Mpps. The attack also included floods of IP fragments to increase the volume of the attack.

Key DDoS Trends and Observations

— Eighty-six percent of the DDoS attacks mitigated by Verisign in Q4 2016 employed multiple attack types. Sixty-five percent of DDoS attacks mitigated by Verisign in Q4 2016 utilized three or more different attack types.

— More than 50 percent of customers who experienced DDoS attacks in Q4 2016 were targeted multiple times.

— Fifty-two percent of DDoS attacks were UDP floods.

— The IT/Cloud/SaaS industry, representing 49 percent of mitigation activity, was the most frequently targeted industry for the ninth consecutive quarter. The Public Sector industry experienced the second highest number of DDoS attacks, representing 32 percent of mitigation activity.

This is the highest percentage of DDoS attacks against the Public Sector since the inception of the Verisign DDoS Trends Report in Q1 2014.

For more DDoS Trends in Q4 2016, download the full report, and be sure to check back in a few months when we release our Q1 2017 DDoS Trends Report.

By Verisign, A Global Provider of Critical Internet Infrastructure and Domain Name Registry Services

Verisign, a global provider of domain name registry services and internet infrastructure, enables internet navigation for many of the world’s most recognized domain names. Verisign enables the security, stability, and resiliency of key internet infrastructure and services, including providing root zone maintainer services, operating two of the 13 global internet root servers, and providing registration services and authoritative resolution for the .com and .net top-level domains, which support the majority of global e-commerce. To learn more about what it means to be Powered by Verisign, please visit Verisign.com.

Visit Page

Filed Under

Comments

Commenting is not available in this channel entry.

The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

VINTON CERF
Co-designer of the TCP/IP Protocols & the Architecture of the Internet