Server, DDoS

Verisign’s 2014 Trends Report for Q3 Shows Rise in DDoS Attacks

November 21, 2014         By: Athanasios Koufis

Verisign has issued its Q3 Trends Report focused on security vulnerabilities, specifically, distributed denial-of-service attacks (DDoS).

The data collected in this report contains in detail attack tendencies and statistics, behavioral tendencies and future expectations.

The information was  derived from administered denial-of-service attack reductions executed in cooperation with clients of Verisign DDoS Protection Services from July through September of 2014.

A DDoS attack operates the User Datagram Protocol (UDP). An attacker will send multiple small requests to various servers, fabricating them into appearing as large responses. These responses are normal but their source addresses have been rewritten by the attacker as to appear that they derive from the victim rather than the attacker. This produces an amount of traffic that would be impossible for the attacker to create alone.

What’s particularly interesting in this report, are the escalated DDoS attacks surpassing 10 Gbps in size. The largest attack (90 Gbps) was observed by an eCommerce client. A User Datagram Protocol (UDP) was used for this overwhelming attack.

Other tendencies shown in this report are that attacks over 10 Gbps in size have increased in frequency. The average amount of attacks per targeted customer was more than three. In addition, Verisign has recorded the use of a new protocol for UDP reflection attacks; the Simple Service Discovery Protocol (SSDP / UDP port 1900).

In Q3 Media and Entertainment was the most frequently targeted industry.

The eCommerce industry experienced the largest attacks recorded with the largest attacks being more than 90 Gbps, an overwhelming number for servers without DDoS protection.

Verisign has seen an increase in DDoS attacks during the holiday season and there is no reason to believe that this year will be any different.