Last updated: Friday, October 19, 2018


Q3 2017 DDoS Trends Report: 29 Pct of Attacks Employed Five or More Attack Types

Posted: Wednesday, January 03, 2018

Verisign just released its Q3 2017 DDoS Trends Report, which represents a unique view into the attack trends unfolding online, through observations and insights derived from distributed denial of service (DDoS) attack mitigations enacted on behalf of Verisign DDoS Protection Services and security research conducted by Verisign Security Services.

Verisign saw that 29 per cent of attacks in Q3 2017 employed five or more attack types; however, the number of attacks has decreased since Q2 2017.

The largest volumetric and highest intensity DDoS attack observed by Verisign in Q3 2017 was a multi-vector attack that peaked at approximately 2.5 Gigabits per second (Gbps) and around 1 Million packets per second (Mpps). This attack lasted approximately two and a half hours. The attack was notable because it consisted primarily of a wide range of attack vectors, including TCP SYN and TCP RST floods; DNS, ICMP and Chargen Amplification attacks; and invalid packets.

Key DDoS trends and observations:

  • Fifty-six percent of DDoS attacks were User Datagram Protocol (UDP) floods.
  • Eighty-eight percent of DDoS attacks mitigated by Verisign in Q3 2017 employed multiple attack types.
  • The IT/Cloud/SaaS industry, representing 45 per cent of mitigation activity, was the most frequently targeted industry for the twelfth consecutive quarter. The Financial Sector industry experienced the second highest number of DDoS attacks, representing 20 per cent of mitigation activity.

Comprehensive Network Protection – Inbound and Outbound
Verisign DDoS Trends Reports throughout 2017 have reported a decline in the size and number of DDoS attacks. This trend does not necessarily mean, however, that DDoS attacks are going away or that companies should be complacent. Now is a good time for organizations to review all aspects of their network and application security solutions to protect themselves against DDoS attacks or future security threats.

How to Monitor Outbound Traffic
Gaining visibility into outbound DNS requests can be challenging. Firewall administrators tend not to look at DNS request logs because of their volume, but knowing what is sent out from your network is the first step to preventing communication with malicious endpoints.

Deploying security technology such as a DNS firewall, email filtering and other security solutions, and keeping them up to date, is a good place to start. No technology offers 100 per cent network protection; organizations need to implement a layered approach to security that includes both technology and user education.

As attackers grow increasingly adept at creating “smarter” malware to circumvent individual protections, it becomes more important to layer these and other security controls, including measures at the DNS level.
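One way to make outbound DNS request logs reviewable despite their volume is to collapse them into per-client domain counts and surface only the entries worth a look. The sketch below is an added example, not code from Verisign or the report; the BIND-style log lines, the blocklist entry, the `summarize` and `base_domain` helpers and the subdomain threshold are all assumptions constructed for illustration.

```python
import re
from collections import Counter, defaultdict

# Hypothetical blocklist; in practice it would come from a threat-intelligence feed.
BLOCKLIST = {"bad-domain.test"}

# Matches the client address and queried name in a BIND-style query log line.
LINE_RE = re.compile(r"client (?P<client>[\d.]+)#\d+ \((?P<name>[^)]+)\): query:")

def _line(client, name):
    """Build one constructed log line (sample data, not real traffic)."""
    return (f"03-Jan-2018 10:15:01.101 client {client}#53211 ({name}): "
            f"query: {name} IN A + (10.0.0.1)")

SAMPLE_LOG = "\n".join(
    [_line("10.0.0.5", n) for n in ("www.example.com", "www.example.com", "mail.example.com")]
    + [_line("10.0.0.7", "c2.bad-domain.test")] * 2
    + [_line("10.0.0.9", f"{p}.tunnel.test") for p in ("a1", "b2", "c3", "d4")]
    + ["truncated line with no query field"]
)

def base_domain(name):
    """Last two labels of the name. Simplification: real use needs the Public Suffix List."""
    return ".".join(name.lower().rstrip(".").split(".")[-2:])

def summarize(log_text, blocklist=BLOCKLIST, max_unique_names=3):
    """Collapse raw query lines into per-client domain counts and a short findings list."""
    counts = defaultdict(Counter)   # client -> base domain -> number of queries
    names = defaultdict(set)        # (client, base domain) -> distinct full names seen
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue                # skip lines that are not query records
        client, name = m["client"], m["name"]
        domain = base_domain(name)
        counts[client][domain] += 1
        names[(client, domain)].add(name.lower())
    findings = []
    for client in sorted(counts):
        for domain, n in sorted(counts[client].items()):
            if domain in blocklist:
                findings.append((client, domain, "blocklisted", n))
            elif len(names[(client, domain)]) > max_unique_names:
                # Threshold is an assumed value; tune it against your own baseline.
                findings.append((client, domain, "many-unique-subdomains", n))
    return counts, findings

if __name__ == "__main__":
    for finding in summarize(SAMPLE_LOG)[1]:
        print(finding)
```

On the constructed sample, ten raw lines reduce to two findings, while the ordinary `example.com` lookups stay in the counts without being flagged.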

