BANGALORE: Verisign, a leader in domain names and internet security today released a report, Distributed Denial of Service Trends, observed attack trends of July – September, Q2 2018.
The report provides a unique view into the attack trends that include attack statistics, behavioural trends and future outlook. Compiled on the basis of observations and insights about attack frequency and size obtained from mitigation's enacted on behalf of customers from Verisign DDOS Protection Services.
Verisign provides internet navigation for many of the world’s most recognized domain names and enables protection for websites and enterprises around the world.
They ensure the security, stability and resiliency of key internet infrastructure and services, including the .com and .net domains and two of the internet’s root servers, as well as performs the root-zone maintainer function for the core of the internet’s Domain Name System (DNS). Verisign’s Security Services include intelligence-driven Distributed Denial of Service Protection, iDefense Security Intelligence and Managed DNS.
The report observed that 52 percent of DDoS attacks that were mitigated in Q2 2018 employed multiple attack types. There was a 35 percent increase in the number of attacks, with a 49 percent decrease in the average of attack peak sizes, when compared to Q1 2018; however, the average of attack peak sizes has increased by 111 percent, year over year.
The largest volumetric DDoS attack observed by Verisign in Q2 2018 was a User Datagram Protocol (UDP) fragment flood that peaked at approximately 42 Gigabits per second (Gbps) and 3.5 Million packets per second (Mpps) and lasted approximately three hours. The highest intensity DDoS attack observed by Verisign in Q2 2018 was a multi-vector attack that peaked at approximately 38 Gbps and 4.7 Mpps and lasted for approximately two hours.
Key DDoS Trends and Observations:
- Fifty-six percent of DDoS attacks were UDP floods.
- TCP-based attacks were the second most common attack vector, making up 26 percent of attack types in the quarter.
- Fifty-two percent of DDoS attacks mitigated by Verisign in Q2 2018 employed multiple attack types.
- The Financial Services industry, representing 43 percent of mitigation activity, was the most frequently targeted industry for Q2 2018. The IT Services/Cloud/SaaS industry experienced the second highest number of DDoS attacks, representing 37 percent of mitigation activity, followed by the Media and Entertainment industry, representing 20 percent of mitigation activity.