Welcome!

News Feed Item

Akamai Publishes Prolexic Q1 2014 Global DDoS Attack Report

Attackers chose reflection versus infection techniques to achieve larger DDoS attacks

CAMBRIDGE, Mass., April 17, 2014 /PRNewswire/ -- Akamai Technologies, Inc. (NASDAQ: AKAM), the leading provider of cloud services for delivering, optimizing and securing online content and business applications, today announced availability of the Prolexic Q1 2014 Global DDoS Attack Report. Prolexic Technologies, now part of Akamai, is a recognized leader in Distributed Denial of Service (DDoS) protection services, and has produced the quarterly Global DDoS Attack Report since 2011. The report, which provides analysis and insight into the global DDoS threat landscape, can be downloaded at www.prolexic.com/attackreports.

Akamai Technologies logo.

"In Q1, DDoS attackers relied less upon traditional botnet infection in favor of reflection and amplification techniques, a trend Prolexic has been seeing for some time," said Stuart Scholly, senior vice president and general manager of  Security at Akamai Technologies. "Instead of using a network of zombie computers, the newer DDoS toolkits abuse Internet protocols that are available on open or vulnerable servers and devices. We believe this approach can lead to the Internet becoming a ready-to-use botnet for malicious actors."

Prolexic has observed the most abused protocols to be Character Generator (CHARGEN), Network Time Protocol (NTP) and Domain Name System (DNS). These protocols, which are all based on the User Datagram Protocol (UDP), may be favored as they allow attackers to hide their identity. In addition, amplification-based attacks can deliver a massive flood of data at the target while requiring only a relatively small output from the source.

New reflection and amplification attack tools can deliver a powerful punch. Q1 saw a 39 percent increase in average bandwidth and the largest-ever DDoS attack to cross the Prolexic DDoS mitigation network. This attack involved multiple reflection techniques combined with a traditional botnet-based application attack to generate peak traffic of more than 200 Gbps (gigabits per second) and 53.5 Mpps (million packets per second).

This quarter saw more than half of the DDoS attack traffic aimed at the Media and Entertainment industry. This one industry was targeted by 54 percent of the malicious packets mitigated by Prolexic during active DDoS attacks in Q1.

Highlights from Prolexic's Q4 2014 Global DDoS Attack Report:

Compared to Q1 2013

  • 47 percent increase in total DDoS attacks
  • 9 percent decrease in average attack bandwidth
  • 68 percent increase in infrastructure (Layer 3 & 4) attacks
  • 21 percent decrease in application (Layer 7) attacks
  • 50 percent decrease in average attack duration: 35 vs. 17 hours
  • 133 percent increase in average peak bandwidth

Compared to Q4 2013

  • 18 percent increase in total DDoS attacks
  • 39 percent increase in average attack bandwidth
  • 35 percent increase in infrastructure (Layer 3 & 4) attacks
  • 36 percent decrease in application (Layer 7) attacks
  • 24 percent decrease in average attack duration: 23 vs. 17 hours
  • 114 percent increase in average peak bandwidth

Analysis and emerging trends

Innovation in the DDoS marketplace has given rise to tools that can create greater damage with fewer resources. Q1's high-volume, infrastructure-based attacks were made possible by the availability of easy-to-use DDoS tools from the DDoS-as-a-service marketplace. These tools are designed by malicious hackers to deliver greater power and convenience into the hands of less skillful attackers. 

For example, in Q1, NTP reflection attacks surged, likely due to the availability of easy-to-use DDoS attack tools that support this reflection technique. The NTP flood method went from accounting for less than 1 percent of all attacks in the prior quarter to reaching nearly the same popularity as SYN flood attacks, a perennial favorite among DDoS attackers. Neither CHARGEN nor NTP attack vectors were detected in Q1 2013 but accounted for 23 percent of all infrastructure attacks mitigated by Prolexic in Q1 2014.

These DDoS trends are discussed in detail in Prolexic's Q1 2014 Global DDoS Attack Report. A complimentary copy is available as a free PDF download at www.prolexic.com/attackreports.

Akamai and Prolexic DDoS attack reports to be merged

Akamai announced the acquisition of Prolexic in December 2013. Prolexic's Global DDoS Attack Report and Akamai's State of the Internet Report both cover DDoS attacks and related trends and statistics. In the coming quarters, we will be working to consolidate these publications with the goal of publishing a combined report that delivers an unparalleled level of insight into the Internet threat landscape. Follow @akamai_soti on Twitter for more information. 

Prolexic, now part of Akamai, offers DDoS protection solutions that leverage proprietary DDoS filtering techniques and the world's largest cloud-based DDoS mitigation network.  Akamai completed the acquisition of Prolexic in February 2014.  Together with Prolexic, Akamai is providing customers with a comprehensive portfolio of security solutions designed to defend an enterprise's Web and IP infrastructure against application-layer, network-layer and data center attacks delivered via the Internet.  To learn more about how Prolexic solutions stop DDoS attacks and protect business, please visit www.prolexic.com, or follow Prolexic on LinkedIn, Facebook, Google+, YouTube, and @Prolexic on Twitter.

About Akamai

Akamai® is the leading provider of cloud services for delivering, optimizing and securing online content and business applications. At the core of the Company's solutions is the Akamai Intelligent Platform™ providing extensive reach, coupled with unmatched reliability, security, visibility and expertise. Akamai removes the complexities of connecting the increasingly mobile world, supporting 24/7 consumer demand, and enabling enterprises to securely leverage the cloud. To learn more about how Akamai is accelerating the pace of innovation in a hyperconnected world, please visit www.akamai.com or blogs.akamai.com, and follow @Akamai on Twitter.

Contacts:




Rob Morton

Tom Barth

Media Relations

Investor Relations

617-444-3641

617-274-7130

[email protected]

[email protected]

Logo - http://photos.prnewswire.com/prnh/20100225/AKAMAILOGO 

SOURCE Akamai Technologies, Inc.

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
Actian Corporation has announced the latest version of the Actian Vector in Hadoop (VectorH) database, generally available at the end of July. VectorH is based on the same query engine that powers Actian Vector, which recently doubled the TPC-H benchmark record for non-clustered systems at the 3000GB scale factor (see tpc.org/3323). The ability to easily ingest information from different data sources and rapidly develop queries to make better business decisions is becoming increasingly importan...
SYS-CON Events announced today that 910Telecom will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Housed in the classic Denver Gas & Electric Building, 910 15th St., 910Telecom is a carrier-neutral telecom hotel located in the heart of Denver. Adjacent to CenturyLink, AT&T, and Denver Main, 910Telecom offers connectivity to all major carriers, Internet service providers, Internet backbones and ...
Kubernetes, Docker and containers are changing the world, and how companies are deploying their software and running their infrastructure. With the shift in how applications are built and deployed, new challenges must be solved. In his session at @DevOpsSummit at19th Cloud Expo, Sebastian Scheele, co-founder of Loodse, will discuss the implications of containerized applications/infrastructures and their impact on the enterprise. In a real world example based on Kubernetes, he will show how to ...
Traditional on-premises data centers have long been the domain of modern data platforms like Apache Hadoop, meaning companies who build their business on public cloud were challenged to run Big Data processing and analytics at scale. But recent advancements in Hadoop performance, security, and most importantly cloud-native integrations, are giving organizations the ability to truly gain value from all their data. In his session at 19th Cloud Expo, David Tishgart, Director of Product Marketing ...
SYS-CON Events announced today Telecom Reseller has been named “Media Sponsor” of SYS-CON's 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Telecom Reseller reports on Unified Communications, UCaaS, BPaaS for enterprise and SMBs. They report extensively on both customer premises based solutions such as IP-PBX as well as cloud based and hosted platforms.
As the world moves toward more DevOps and Microservices, application deployment to the cloud ought to become a lot simpler. The Microservices architecture, which is the basis of many new age distributed systems such as OpenStack, NetFlix and so on, is at the heart of Cloud Foundry - a complete developer-oriented Platform as a Service (PaaS) that is IaaS agnostic and supports vCloud, OpenStack and AWS. Serverless computing is revolutionizing computing. In his session at 19th Cloud Expo, Raghav...
Aspose.Total for .NET is the most complete package of all file format APIs for .NET as offered by Aspose. It empowers developers to create, edit, render, print and convert between a wide range of popular document formats within any .NET, C#, ASP.NET and VB.NET applications. Aspose compiles all .NET APIs on a daily basis to ensure that it contains the most up to date versions of each of Aspose .NET APIs. If a new .NET API or a new version of existing APIs is released during the subscription peri...
SYS-CON Events announced today that StarNet Communications will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. StarNet Communications’ FastX is the industry first cloud-based remote X Windows emulator. Using standard Web browsers (FireFox, Chrome, Safari, etc.) users from around the world gain highly secure access to applications and data hosted on Linux-based servers in a central data center. ...
Smart Cities are here to stay, but for their promise to be delivered, the data they produce must not be put in new siloes. In his session at @ThingsExpo, Mathias Herberts, Co-founder and CTO of Cityzen Data, will deep dive into best practices that will ensure a successful smart city journey.
DevOps at Cloud Expo, taking place Nov 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 19th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to wait for long dev...
The 19th International Cloud Expo has announced that its Call for Papers is open. Cloud Expo, to be held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, brings together Cloud Computing, Big Data, Internet of Things, DevOps, Digital Transformation, Microservices and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding business opportuni...
StarNet Communications Corp has announced the addition of three Secure Remote Desktop modules to its flagship X-Win32 PC X server. The new modules enable X-Win32 to safely tunnel the remote desktops from Linux and Unix servers to the user’s PC over encrypted SSH. Traditionally, users of PC X servers deploy the XDMCP protocol to display remote desktop environments such as the Gnome and KDE desktops on Linux servers and the CDE environment on Solaris Unix machines. XDMCP is used primarily on comp...
There is growing need for data-driven applications and the need for digital platforms to build these apps. In his session at 19th Cloud Expo, Muddu Sudhakar, VP and GM of Security & IoT at Splunk, will cover different PaaS solutions and Big Data platforms that are available to build applications. In addition, AI and machine learning are creating new requirements that developers need in the building of next-gen apps. The next-generation digital platforms have some of the past platform needs a...
DevOps at Cloud Expo – being held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA – announces that its Call for Papers is open. Born out of proven success in agile development, cloud computing, and process automation, DevOps is a macro trend you cannot afford to miss. From showcase success stories from early adopters and web-scale businesses, DevOps is expanding to organizations of all sizes, including the world's largest enterprises – and delivering real results. Am...
Using new techniques of information modeling, indexing, and processing, new cloud-based systems can support cloud-based workloads previously not possible for high-throughput insurance, banking, and case-based applications. In his session at 18th Cloud Expo, John Newton, CTO, Founder and Chairman of Alfresco, described how to scale cloud-based content management repositories to store, manage, and retrieve billions of documents and related information with fast and linear scalability. He addres...