If it seems like every hack you hear about involves distributed denial of service (DDoS) attacks, you’re onto something—research shows that DDoS attacks have gone up 150 percent since this time last year. It really spiked during the last quarter of 2015 with a 40 percent increase in attacks compared to Q3. Overall web attacks rose 28 percent, but it’s clear that cybercriminals are favoring DDoS. Security for IT teams have been struggling to keep up, keep their online sites safe, and follow evolving best practices to avoid becoming the next victim.
According to the State of the Internet report, 97 percent of DDoS attacks make up layer three and four infrastructure layer attacks. The stresser/booter-based botnets continue to remain the favorite MO of hackers. These attacks are created to bounce traffic from NTP, DNS, Chargen, and other vulnerable servers. Of course, the best way to prevent these attacks is to make sure you have a quality virtual private server or dedicated server managed by a reputable team. Unfortunately, most website owners don’t do the necessary research to secure a safeguarded server/host.
The good news is that the most popular type of DDoS attack isn’t capable of causing big chaos. However, that’s of little comfort to the victims. Even a time limited attack can be devastating. Most of these smaller attacks are taken care of in under 15 hours, but 15 hours of zero or subpar online presence is more than enough time to damage a business. Startups, monetized blogs, and small businesses can’t afford to sully their reputation.
There’s also been more repeat attacks than ever, with about 24 attacks per victim in each quarter. Once a hacker finds a site that’s vulnerable, it’s easier to continue attacking it—especially if they don’t fix the vulnerabilities—rather than find a brand new victim. Over half of all attacks are launched at gaming companies, and 23 percent are directed at tech/software companies.
Running the Numbers
Nearly 60 percent of web application attacks are geared towards retailers, which is up about four percent from last quarter. Another ten percent is aimed at media/entertainment and ten percent at hotel/travel sites. By far, the leading web app attack is LFI (40 percent). SQLi gets 28 percent, PHPi 22 percent, XSS five percent, and Shellshock two percent. Hackers have their favorite weapons, but DDoS is being grabbed and flung like hotcakes this year.
There are also some interesting figures regarding sources of attacks. China is attacking the most at 28 percent, but Turkey comes in second with 22 percent. Turkey also has one of the largest percentages of DDoS attack victims. The US is home to 15 percent of all DDoS attackers. However, the US leads the charge for web app attacks at 56 percent. At number two is Brazil at just eight percent, and Russia at seven percent.
On a daily basis, overall attacks have multiplied ten-fold to 30,000 unique events each day. These figures don’t’ necessarily show where an attacker “really is,” since it’s easy to hide your location if you’re a moderately skilled hacker.