Welcome!

News Feed Item

Akamai Publishes Prolexic Q1 2014 Global DDoS Attack Report

Attackers chose reflection versus infection techniques to achieve larger DDoS attacks

CAMBRIDGE, Mass., April 17, 2014 /PRNewswire/ -- Akamai Technologies, Inc. (NASDAQ: AKAM), the leading provider of cloud services for delivering, optimizing and securing online content and business applications, today announced availability of the Prolexic Q1 2014 Global DDoS Attack Report. Prolexic Technologies, now part of Akamai, is a recognized leader in Distributed Denial of Service (DDoS) protection services, and has produced the quarterly Global DDoS Attack Report since 2011. The report, which provides analysis and insight into the global DDoS threat landscape, can be downloaded at www.prolexic.com/attackreports.

Akamai Technologies logo.

"In Q1, DDoS attackers relied less upon traditional botnet infection in favor of reflection and amplification techniques, a trend Prolexic has been seeing for some time," said Stuart Scholly, senior vice president and general manager of  Security at Akamai Technologies. "Instead of using a network of zombie computers, the newer DDoS toolkits abuse Internet protocols that are available on open or vulnerable servers and devices. We believe this approach can lead to the Internet becoming a ready-to-use botnet for malicious actors."

Prolexic has observed the most abused protocols to be Character Generator (CHARGEN), Network Time Protocol (NTP) and Domain Name System (DNS). These protocols, which are all based on the User Datagram Protocol (UDP), may be favored as they allow attackers to hide their identity. In addition, amplification-based attacks can deliver a massive flood of data at the target while requiring only a relatively small output from the source.

New reflection and amplification attack tools can deliver a powerful punch. Q1 saw a 39 percent increase in average bandwidth and the largest-ever DDoS attack to cross the Prolexic DDoS mitigation network. This attack involved multiple reflection techniques combined with a traditional botnet-based application attack to generate peak traffic of more than 200 Gbps (gigabits per second) and 53.5 Mpps (million packets per second).

This quarter saw more than half of the DDoS attack traffic aimed at the Media and Entertainment industry. This one industry was targeted by 54 percent of the malicious packets mitigated by Prolexic during active DDoS attacks in Q1.

Highlights from Prolexic's Q4 2014 Global DDoS Attack Report:

Compared to Q1 2013

  • 47 percent increase in total DDoS attacks
  • 9 percent decrease in average attack bandwidth
  • 68 percent increase in infrastructure (Layer 3 & 4) attacks
  • 21 percent decrease in application (Layer 7) attacks
  • 50 percent decrease in average attack duration: 35 vs. 17 hours
  • 133 percent increase in average peak bandwidth

Compared to Q4 2013

  • 18 percent increase in total DDoS attacks
  • 39 percent increase in average attack bandwidth
  • 35 percent increase in infrastructure (Layer 3 & 4) attacks
  • 36 percent decrease in application (Layer 7) attacks
  • 24 percent decrease in average attack duration: 23 vs. 17 hours
  • 114 percent increase in average peak bandwidth

Analysis and emerging trends

Innovation in the DDoS marketplace has given rise to tools that can create greater damage with fewer resources. Q1's high-volume, infrastructure-based attacks were made possible by the availability of easy-to-use DDoS tools from the DDoS-as-a-service marketplace. These tools are designed by malicious hackers to deliver greater power and convenience into the hands of less skillful attackers. 

For example, in Q1, NTP reflection attacks surged, likely due to the availability of easy-to-use DDoS attack tools that support this reflection technique. The NTP flood method went from accounting for less than 1 percent of all attacks in the prior quarter to reaching nearly the same popularity as SYN flood attacks, a perennial favorite among DDoS attackers. Neither CHARGEN nor NTP attack vectors were detected in Q1 2013 but accounted for 23 percent of all infrastructure attacks mitigated by Prolexic in Q1 2014.

These DDoS trends are discussed in detail in Prolexic's Q1 2014 Global DDoS Attack Report. A complimentary copy is available as a free PDF download at www.prolexic.com/attackreports.

Akamai and Prolexic DDoS attack reports to be merged

Akamai announced the acquisition of Prolexic in December 2013. Prolexic's Global DDoS Attack Report and Akamai's State of the Internet Report both cover DDoS attacks and related trends and statistics. In the coming quarters, we will be working to consolidate these publications with the goal of publishing a combined report that delivers an unparalleled level of insight into the Internet threat landscape. Follow @akamai_soti on Twitter for more information. 

Prolexic, now part of Akamai, offers DDoS protection solutions that leverage proprietary DDoS filtering techniques and the world's largest cloud-based DDoS mitigation network.  Akamai completed the acquisition of Prolexic in February 2014.  Together with Prolexic, Akamai is providing customers with a comprehensive portfolio of security solutions designed to defend an enterprise's Web and IP infrastructure against application-layer, network-layer and data center attacks delivered via the Internet.  To learn more about how Prolexic solutions stop DDoS attacks and protect business, please visit www.prolexic.com, or follow Prolexic on LinkedIn, Facebook, Google+, YouTube, and @Prolexic on Twitter.

About Akamai

Akamai® is the leading provider of cloud services for delivering, optimizing and securing online content and business applications. At the core of the Company's solutions is the Akamai Intelligent Platform™ providing extensive reach, coupled with unmatched reliability, security, visibility and expertise. Akamai removes the complexities of connecting the increasingly mobile world, supporting 24/7 consumer demand, and enabling enterprises to securely leverage the cloud. To learn more about how Akamai is accelerating the pace of innovation in a hyperconnected world, please visit www.akamai.com or blogs.akamai.com, and follow @Akamai on Twitter.

Contacts:




Rob Morton

Tom Barth

Media Relations

Investor Relations

617-444-3641

617-274-7130

[email protected]

[email protected]

Logo - http://photos.prnewswire.com/prnh/20100225/AKAMAILOGO 

SOURCE Akamai Technologies, Inc.

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
More and more companies are looking to microservices as an architectural pattern for breaking apart applications into more manageable pieces so that agile teams can deliver new features quicker and more effectively. What this pattern has done more than anything to date is spark organizational transformations, setting the foundation for future application development. In practice, however, there are a number of considerations to make that go beyond simply “build, ship, and run,” which changes how...
Cloud computing delivers on-demand resources that provide businesses with flexibility and cost-savings. The challenge in moving workloads to the cloud has been the cost and complexity of ensuring the initial and ongoing security and regulatory (PCI, HIPAA, FFIEC) compliance across private and public clouds. Manual security compliance is slow, prone to human error, and represents over 50% of the cost of managing cloud applications. Determining how to automate cloud security compliance is critical...
Traditional IT, great for stable systems of record, is struggling to cope with newer, agile systems of engagement requirements coming straight from the business. In his session at 18th Cloud Expo, William Morrish, General Manager of Product Sales at Interoute, will outline ways of exploiting new architectures to enable both systems and building them to support your existing platforms, with an eye for the future. Technologies such as Docker and the hyper-convergence of computing, networking and...
Contextual Analytics of various threat data provides a deeper understanding of a given threat and enables identification of unknown threat vectors. In his session at @ThingsExpo, David Dufour, Head of Security Architecture, IoT, Webroot, Inc., discussed how through the use of Big Data analytics and deep data correlation across different threat types, it is possible to gain a better understanding of where, how and to what level of danger a malicious actor poses to an organization, and to determin...
Adding public cloud resources to an existing application can be a daunting process. The tools that you currently use to manage the software and hardware outside the cloud aren’t always the best tools to efficiently grow into the cloud. All of the major configuration management tools have cloud orchestration plugins that can be leveraged, but there are also cloud-native tools that can dramatically improve the efficiency of managing your application lifecycle. In his session at 18th Cloud Expo, ...
Organizations planning enterprise data center consolidation and modernization projects are faced with a challenging, costly reality. Requirements to deploy modern, cloud-native applications simultaneously with traditional client/server applications are almost impossible to achieve with hardware-centric enterprise infrastructure. Compute and network infrastructure are fast moving down a software-defined path, but storage has been a laggard. Until now.
Let’s face it, embracing new storage technologies, capabilities and upgrading to new hardware often adds complexity and increases costs. In his session at 18th Cloud Expo, Seth Oxenhorn, Vice President of Business Development & Alliances at FalconStor, discussed how a truly heterogeneous software-defined storage approach can add value to legacy platforms and heterogeneous environments. The result reduces complexity, significantly lowers cost, and provides IT organizations with improved efficienc...
Nicolas Fierro is CEO of MIMIR Blockchain Solutions. He is a programmer, technologist, and operations dev who has worked with Ethereum and blockchain since 2014. His knowledge in blockchain dates to when he performed dev ops services to the Ethereum Foundation as one the privileged few developers to work with the original core team in Switzerland.
Digital Transformation and Disruption, Amazon Style - What You Can Learn. Chris Kocher is a co-founder of Grey Heron, a management and strategic marketing consulting firm. He has 25+ years in both strategic and hands-on operating experience helping executives and investors build revenues and shareholder value. He has consulted with over 130 companies on innovating with new business models, product strategies and monetization. Chris has held management positions at HP and Symantec in addition to ...
CI/CD is conceptually straightforward, yet often technically intricate to implement since it requires time and opportunities to develop intimate understanding on not only DevOps processes and operations, but likely product integrations with multiple platforms. This session intends to bridge the gap by offering an intense learning experience while witnessing the processes and operations to build from zero to a simple, yet functional CI/CD pipeline integrated with Jenkins, Github, Docker and Azure...
Digital transformation has increased the pace of business creating a productivity divide between the technology haves and have nots. Managing financial information on spreadsheets and piecing together insight from numerous disconnected systems is no longer an option. Rapid market changes and aggressive competition are motivating business leaders to reevaluate legacy technology investments in search of modern technologies to achieve greater agility, reduced costs and organizational efficiencies. ...
Cloud-enabled transformation has evolved from cost saving measure to business innovation strategy -- one that combines the cloud with cognitive capabilities to drive market disruption. Learn how you can achieve the insight and agility you need to gain a competitive advantage. Industry-acclaimed CTO and cloud expert, Shankar Kalyana presents. Only the most exceptional IBMers are appointed with the rare distinction of IBM Fellow, the highest technical honor in the company. Shankar has also receive...
Fact: storage performance problems have only gotten more complicated, as applications not only have become largely virtualized, but also have moved to cloud-based infrastructures. Storage performance in virtualized environments isn’t just about IOPS anymore. Instead, you need to guarantee performance for individual VMs, helping applications maintain performance as the number of VMs continues to go up in real time. In his session at Cloud Expo, Dhiraj Sehgal, Product and Marketing at Tintri, sha...
As Cybric's Chief Technology Officer, Mike D. Kail is responsible for the strategic vision and technical direction of the platform. Prior to founding Cybric, Mike was Yahoo's CIO and SVP of Infrastructure, where he led the IT and Data Center functions for the company. He has more than 24 years of IT Operations experience with a focus on highly-scalable architectures.
Using new techniques of information modeling, indexing, and processing, new cloud-based systems can support cloud-based workloads previously not possible for high-throughput insurance, banking, and case-based applications. In his session at 18th Cloud Expo, John Newton, CTO, Founder and Chairman of Alfresco, described how to scale cloud-based content management repositories to store, manage, and retrieve billions of documents and related information with fast and linear scalability. He addres...