Welcome!

News Feed Item

Akamai Publishes Prolexic Q1 2014 Global DDoS Attack Report

Attackers chose reflection versus infection techniques to achieve larger DDoS attacks

CAMBRIDGE, Mass., April 17, 2014 /PRNewswire/ -- Akamai Technologies, Inc. (NASDAQ: AKAM), the leading provider of cloud services for delivering, optimizing and securing online content and business applications, today announced availability of the Prolexic Q1 2014 Global DDoS Attack Report. Prolexic Technologies, now part of Akamai, is a recognized leader in Distributed Denial of Service (DDoS) protection services, and has produced the quarterly Global DDoS Attack Report since 2011. The report, which provides analysis and insight into the global DDoS threat landscape, can be downloaded at www.prolexic.com/attackreports.

Akamai Technologies logo.

"In Q1, DDoS attackers relied less upon traditional botnet infection in favor of reflection and amplification techniques, a trend Prolexic has been seeing for some time," said Stuart Scholly, senior vice president and general manager of  Security at Akamai Technologies. "Instead of using a network of zombie computers, the newer DDoS toolkits abuse Internet protocols that are available on open or vulnerable servers and devices. We believe this approach can lead to the Internet becoming a ready-to-use botnet for malicious actors."

Prolexic has observed the most abused protocols to be Character Generator (CHARGEN), Network Time Protocol (NTP) and Domain Name System (DNS). These protocols, which are all based on the User Datagram Protocol (UDP), may be favored as they allow attackers to hide their identity. In addition, amplification-based attacks can deliver a massive flood of data at the target while requiring only a relatively small output from the source.

New reflection and amplification attack tools can deliver a powerful punch. Q1 saw a 39 percent increase in average bandwidth and the largest-ever DDoS attack to cross the Prolexic DDoS mitigation network. This attack involved multiple reflection techniques combined with a traditional botnet-based application attack to generate peak traffic of more than 200 Gbps (gigabits per second) and 53.5 Mpps (million packets per second).

This quarter saw more than half of the DDoS attack traffic aimed at the Media and Entertainment industry. This one industry was targeted by 54 percent of the malicious packets mitigated by Prolexic during active DDoS attacks in Q1.

Highlights from Prolexic's Q4 2014 Global DDoS Attack Report:

Compared to Q1 2013

  • 47 percent increase in total DDoS attacks
  • 9 percent decrease in average attack bandwidth
  • 68 percent increase in infrastructure (Layer 3 & 4) attacks
  • 21 percent decrease in application (Layer 7) attacks
  • 50 percent decrease in average attack duration: 35 vs. 17 hours
  • 133 percent increase in average peak bandwidth

Compared to Q4 2013

  • 18 percent increase in total DDoS attacks
  • 39 percent increase in average attack bandwidth
  • 35 percent increase in infrastructure (Layer 3 & 4) attacks
  • 36 percent decrease in application (Layer 7) attacks
  • 24 percent decrease in average attack duration: 23 vs. 17 hours
  • 114 percent increase in average peak bandwidth

Analysis and emerging trends

Innovation in the DDoS marketplace has given rise to tools that can create greater damage with fewer resources. Q1's high-volume, infrastructure-based attacks were made possible by the availability of easy-to-use DDoS tools from the DDoS-as-a-service marketplace. These tools are designed by malicious hackers to deliver greater power and convenience into the hands of less skillful attackers. 

For example, in Q1, NTP reflection attacks surged, likely due to the availability of easy-to-use DDoS attack tools that support this reflection technique. The NTP flood method went from accounting for less than 1 percent of all attacks in the prior quarter to reaching nearly the same popularity as SYN flood attacks, a perennial favorite among DDoS attackers. Neither CHARGEN nor NTP attack vectors were detected in Q1 2013 but accounted for 23 percent of all infrastructure attacks mitigated by Prolexic in Q1 2014.

These DDoS trends are discussed in detail in Prolexic's Q1 2014 Global DDoS Attack Report. A complimentary copy is available as a free PDF download at www.prolexic.com/attackreports.

Akamai and Prolexic DDoS attack reports to be merged

Akamai announced the acquisition of Prolexic in December 2013. Prolexic's Global DDoS Attack Report and Akamai's State of the Internet Report both cover DDoS attacks and related trends and statistics. In the coming quarters, we will be working to consolidate these publications with the goal of publishing a combined report that delivers an unparalleled level of insight into the Internet threat landscape. Follow @akamai_soti on Twitter for more information. 

Prolexic, now part of Akamai, offers DDoS protection solutions that leverage proprietary DDoS filtering techniques and the world's largest cloud-based DDoS mitigation network.  Akamai completed the acquisition of Prolexic in February 2014.  Together with Prolexic, Akamai is providing customers with a comprehensive portfolio of security solutions designed to defend an enterprise's Web and IP infrastructure against application-layer, network-layer and data center attacks delivered via the Internet.  To learn more about how Prolexic solutions stop DDoS attacks and protect business, please visit www.prolexic.com, or follow Prolexic on LinkedIn, Facebook, Google+, YouTube, and @Prolexic on Twitter.

About Akamai

Akamai® is the leading provider of cloud services for delivering, optimizing and securing online content and business applications. At the core of the Company's solutions is the Akamai Intelligent Platform™ providing extensive reach, coupled with unmatched reliability, security, visibility and expertise. Akamai removes the complexities of connecting the increasingly mobile world, supporting 24/7 consumer demand, and enabling enterprises to securely leverage the cloud. To learn more about how Akamai is accelerating the pace of innovation in a hyperconnected world, please visit www.akamai.com or blogs.akamai.com, and follow @Akamai on Twitter.

Contacts:




Rob Morton

Tom Barth

Media Relations

Investor Relations

617-444-3641

617-274-7130

[email protected]

[email protected]

Logo - http://photos.prnewswire.com/prnh/20100225/AKAMAILOGO 

SOURCE Akamai Technologies, Inc.

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
SYS-CON Events announced today that Peak 10, Inc., a national IT infrastructure and cloud services provider, will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. Peak 10 provides reliable, tailored data center and network services, cloud and managed services. Its solutions are designed to scale and adapt to customers’ changing business needs, enabling them to lower costs, improve performance and focus inter...
You think you know what’s in your data. But do you? Most organizations are now aware of the business intelligence represented by their data. Data science stands to take this to a level you never thought of – literally. The techniques of data science, when used with the capabilities of Big Data technologies, can make connections you had not yet imagined, helping you discover new insights and ask new questions of your data. In his session at @ThingsExpo, Sarbjit Sarkaria, data science team lead ...
So, you bought into the current machine learning craze and went on to collect millions/billions of records from this promising new data source. Now, what do you do with them? Too often, the abundance of data quickly turns into an abundance of problems. How do you extract that "magic essence" from your data without falling into the common pitfalls? In her session at @ThingsExpo, Natalia Ponomareva, Software Engineer at Google, will provide tips on how to be successful in large scale machine lear...
If there is anything we have learned by now, is that every business paves their own unique path for releasing software- every pipeline, implementation and practices are a bit different, and DevOps comes in all shapes and sizes. Software delivery practices are often comprised of set of several complementing (or even competing) methodologies – such as leveraging Agile, DevOps and even a mix of ITIL, to create the combination that’s most suitable for your organization and that maximize your busines...
Struggling to keep up with increasing application demand? Learn how Platform as a Service (PaaS) can streamline application development processes and make resource management easy.
In his session at @ThingsExpo, Chris Klein, CEO and Co-founder of Rachio, will discuss next generation communities that are using IoT to create more sustainable, intelligent communities. One example is Sterling Ranch, a 10,000 home development that – with the help of Siemens – will integrate IoT technology into the community to provide residents with energy and water savings as well as intelligent security. Everything from stop lights to sprinkler systems to building infrastructures will run ef...
Whether your IoT service is connecting cars, homes, appliances, wearable, cameras or other devices, one question hangs in the balance – how do you actually make money from this service? The ability to turn your IoT service into profit requires the ability to create a monetization strategy that is flexible, scalable and working for you in real-time. It must be a transparent, smoothly implemented strategy that all stakeholders – from customers to the board – will be able to understand and comprehe...
In the world of DevOps there are ‘known good practices’ – aka ‘patterns’ – and ‘known bad practices’ – aka ‘anti-patterns.' Many of these patterns and anti-patterns have been developed from real world experience, especially by the early adopters of DevOps theory; but many are more feasible in theory than in practice, especially for more recent entrants to the DevOps scene. In this power panel at @DevOpsSummit at 18th Cloud Expo, moderated by DevOps Conference Chair Andi Mann, panelists will dis...
See storage differently! Storage performance problems have only gotten worse and harder to solve as applications have become largely virtualized and moved to a cloud-based infrastructure. Storage performance in a virtualized environment is not just about IOPS, it is about how well that potential performance is guaranteed to individual VMs for these apps as the number of VMs keep going up real time. In his session at 18th Cloud Expo, Dhiraj Sehgal, in product and marketing at Tintri, will discu...
Machine Learning helps make complex systems more efficient. By applying advanced Machine Learning techniques such as Cognitive Fingerprinting, wind project operators can utilize these tools to learn from collected data, detect regular patterns, and optimize their own operations. In his session at 18th Cloud Expo, Stuart Gillen, Director of Business Development at SparkCognition, will discuss how research has demonstrated the value of Machine Learning in delivering next generation analytics to im...
Unless you don’t use the internet, don’t live in California, or haven’t been paying attention to the recent news… you should be aware that self-driving cars are on their way to becoming a reality. I have seen them – they are real. If you believe in the future reality of self-driving cars, then continue reading on. If you don’t believe in the future possibilities, then I am not sure what to do to convince you other than discuss the very real changes that will roll out with the consumer producti...
Up until last year, enterprises that were looking into cloud services usually undertook a long-term pilot with one of the large cloud providers, running test and dev workloads in the cloud. With cloud’s transition to mainstream adoption in 2015, and with enterprises migrating more and more workloads into the cloud and in between public and private environments, the single-provider approach must be revisited. In his session at 18th Cloud Expo, Yoav Mor, multi-cloud solution evangelist at Cloudy...
There is an ever-growing explosion of new devices that are connected to the Internet using “cloud” solutions. This rapid growth is creating a massive new demand for efficient access to data. And it’s not just about connecting to that data anymore. This new demand is bringing new issues and challenges and it is important for companies to scale for the coming growth. And with that scaling comes the need for greater security, gathering and data analysis, storage, connectivity and, of course, the...
This is not a small hotel event. It is also not a big vendor party where politicians and entertainers are more important than real content. This is Cloud Expo, the world's longest-running conference and exhibition focused on Cloud Computing and all that it entails. If you want serious presentations and valuable insight about Cloud Computing for three straight days, then register now for Cloud Expo.
IoT device adoption is growing at staggering rates, and with it comes opportunity for developers to meet consumer demand for an ever more connected world. Wireless communication is the key part of the encompassing components of any IoT device. Wireless connectivity enhances the device utility at the expense of ease of use and deployment challenges. Since connectivity is fundamental for IoT device development, engineers must understand how to overcome the hurdles inherent in incorporating multipl...