0 évaluation0% ont trouvé ce document utile (0 vote)
66 vues10 pages
DDoS attacks are on the rise, according to the Q1 2015 State Of The Internet - Security Report, with Akamai reporting a record number of DDoS attacks recorded on the PLXrouted network – more than double the number reported in the first quarter of 2014. However, the profile of the typical attack has changed, with attackers favoring relatively low-bandwidth attacks (typically less than 10 Gbps) but long durations (typically more than 24 hours). Get the fast facts in this presentation, and then get all the details from the full Q1 2015 State of the Internet – Security report at http://bit.ly/1KfWTrG.
Titre original
Q1 2015 DDoS and Web Application Attack Stats & Trends From Stateoftheinternet.com
DDoS attacks are on the rise, according to the Q1 2015 State Of The Internet - Security Report, with Akamai reporting a record number of DDoS attacks recorded on the PLXrouted network – more than double the number reported in the first quarter of 2014. However, the profile of the typical attack has changed, with attackers favoring relatively low-bandwidth attacks (typically less than 10 Gbps) but long durations (typically more than 24 hours). Get the fast facts in this presentation, and then get all the details from the full Q1 2015 State of the Internet – Security report at http://bit.ly/1KfWTrG.
DDoS attacks are on the rise, according to the Q1 2015 State Of The Internet - Security Report, with Akamai reporting a record number of DDoS attacks recorded on the PLXrouted network – more than double the number reported in the first quarter of 2014. However, the profile of the typical attack has changed, with attackers favoring relatively low-bandwidth attacks (typically less than 10 Gbps) but long durations (typically more than 24 hours). Get the fast facts in this presentation, and then get all the details from the full Q1 2015 State of the Internet – Security report at http://bit.ly/1KfWTrG.
Number of DDoS attacks continues rise, up to more than
double the total in Q1 2014 Attackers increasingly favor a low and slow approach a typical attack had lower bandwidth but long duration The gaming industry attracts more DDoS attacks than any other Seven of eight mega-attacks directly or indirectly targeted gaming 35% of all DDoS attacks this quarter were focused on the gaming industry
DDoS traffic was dominated by infrastructure-layer attack
methods China rose to largest DDoS source, with the share of US attacks falling dramatically Web application attacks concentrated on retail and media verticals 2 / [The State of the Internet] / Security (Q1 2015)
= major DDoS statistical trends
Overall frequency of DDoS attacks continued to rise
Up more than 35% from Q4 2014 More than double the number of attacks recorded in Q1 2014
DDoS attacks were smaller, but longer and more frequent
Typical attack had drastically lower volume and bandwidth than 2014 Below 10 Gbps 29-hour average duration
Eight mega-attacks with more than 100 Gbps traffic
Largest had 170 Gbps peak, more than largest attack of Q4
3 / [The State of the Internet] / Security (Q1 2015)
accounting for 91% of all recorded attacks: SSDP attacks were the most exploited infrastructure-layer vector, representing >20% of attacks SSDP attacks are a new vector first observed in Q3 2014 Uses unsecured home Internet devices such as routers as reflectors
SYN floods fell to second place with 16% of all attacks
However, seven of eight mega-attacks involved SYN floods
Application-layer attacks continued to be disfavored due to the
rise of reflection-based attack methods Most-common application-layer attack is HTTP GET , accounting for 7.5% of DDoS activity
4 / [The State of the Internet] / Security (Q1 2015)
= DDoS attack makeup
= targeted industries
Gaming remained the most targeted industry, attracting 35%
of all attacks Attacks on other relevant verticals appeared to be indirect attacks on gaming as well Massive attacks on large console gaming networks in December 2014 continued into January Seven of eight >100 Gbps mega-attacks recorded in Q1 were targeted at gaming, either directly or indirectly
Software and Technology suffered 25% of attacks
Slight decrease of 1% from last quarter
Internet and Telecoms suffered 14%
Slight increase of 3% from last quarter
5 / [The State of the Internet] / Security (Q1 2015)
= source countries
China continued to top the list of DDoS source countries
Accounted for 23% of DDoS traffic Substantial increase from 18% in Q4
Germany was the second-largest source of DDoS traffic
17% of recorded DDoS traffic originated from Germany Substantial increase from 12% last year
USA fell to third place
Accounted for just 12% of DDoS traffic in Q1 2015 Dramatic decrease from 32% in Q4
Decreases in percentages do not represent a drop in DDoS
traffic from these countries DDoS traffic sources have increasingly diversified other countries are producing more DDoS traffic, rather than the US producing less 6 / [The State of the Internet] / Security (Q1 2015)
= web application (non-DDoS) attacks
Akamai collected and analyzed data from the KONA Web
Application Firewall service. This data focused on web application attacks and their patterns: More than 52 million SQL injection attacks observed, accounting for 29% of attacks Two campaigns against travel and hospitality companies were a main contributor Local File Inclusion (LFI) accounted for 66% of web application attacks Primarily resulting from massive volumetric campaign against two large retailers 63% of LFI attacks observed during week 12 alone
More than 50% of all attack IPs originated from the US
Retail and Media/Entertainment industries were subjected to the greatest number of attacks
7 / [The State of the Internet] / Security (Q1 2015)
= Q1 2015 State of the Internet Security Report
Download the Q1 2015 State of the Internet Security Report
The Q1 2015 report covers:
Analysis of DDoS web application attack trends
Bandwidth (Gbps) and volume (Mpps) statistics Year-over-year and quarter-by-quarter analysis Attack frequency, size, types and sources Security implications of the transition to IPv6 Mitigating the risk of website defacement and domain hijacking DDoS techniques that maximize bandwidth, including booter/stresser sites Analysis of SQL injection attacks as a persistent and emerging threat
9 / [The State of the Internet] / Security (Q1 2015)
= about stateoftheinternet.com
StateoftheInternet.com, brought to you by Akamai,
serves as the home for content and information intended to provide an informed view into online connectivity and cybersecurity trends as well as related metrics, including Internet connection speeds, broadband adoption, mobile usage, outages, and cyber-attacks and threats.
Visitors to www.stateoftheinternet.com can find current and
archived versions of Akamais State of the Internet (Connectivity and Security) reports, the companys data visualizations, and other resources designed to put context around the ever-changing Internet landscape.
10 / [The State of the Internet] / Security (Q1 2015)