The average bandwidth used by DDoS (distributed denial-of-service) attacks had dramatically increased in Q1 2013. A report from Prolexic Technologies, a DDoS protection and mitigation service provider, discovered that the average bandwidth usage by DDoS attacks, which used to be at 6 Gbps, has increased 8 times to 48 Gbps. It has also discovered that 10% of all DDoS attacks it had mitigated reached speeds of 60 Gbps.
Breaking down the numbers, Prolexic discovered that 41% of all the Q1 2013 DDoS attacks came from China, followed by 22% from the United States, 11% from Germany, 6% from Iran, and 5% from India. While these attacks were located in these countries, that doesn’t necessarily mean that these countries were directly involved in the attacks. Information Week states that hackers could have installed DDoS toolkits onto servers located in these countries and used command-and-control servers to remotely use these toolkits to launch their attacks.
Prolexic found that 77% of the DDoS attacks it mitigated were aimed towards bandwidth capacity and routing infrastructure, while the other 23% were aimed towards disrupting critical apps and processes running on a server. Between Q4 2012 and Q1 2013, the total number of DDoS attacks increased by 2%, while the duration of these attacks increased by 7% (from 32.2 hours to 34.5 hours).
These attacks are increasing in bandwidth usage most likely because these “malicious actors have become more adept at harnessing the power of large DDoS botnets,” says Prolexic. One such botnet is speculated to be currently in development. Recently, attackers have attacked hundreds of WordPress sites, and analysts speculate that these hackers are going to be using the servers running these sites to launch a “massive botnet”.
[via Information Week]