An “incredible number” of DDoS attacks occurred in the fourth quarter of 2014, almost double the number observed by Akamai Technologies in Q4 of 2013.
The vendor's Q4 2014 State of the Internet – Security Report shos that there was also a 52% increase in average peak bandwidth of DDoS attacks compared to Q4 a year ago.
"Denial of service is a common and active threat to a wide range of enterprises. The DDoS attack traffic was not limited to a single industry, such as online entertainment that made headlines in December. Instead, attacks were spread among a wide variety of industries," said John Summers, vice president, Cloud Security Business Unit, Akamai.
Large packets of unwanted network traffic can quickly sap an enterprise's ability to respond to legitimate customers, resulting in denial of service outages. Most unprotected sites cannot withstand a typical DDoS attack. As a result, DDoS attacks have become part of the common cybersecurity threatscape that all enterprises with an online presence must anticipate in a risk assessment.
Resourceful DDoS-for-hire booter suites took a low-investment approach by tapping into reflection-based DDoS attacks.
Nearly 40% of all DDoS attacks used reflection techniques, which rely on Internet protocols that respond with more traffic than they receive and do not require an attacker to gain control over the server or device.
Widespread availability of for-hire DDoS services allowed low-level, non-technical attackers to purchase ready-to-use DDoS services. The expansion of the DDoS-for-hire market also promoted the use of multi-vector campaigns, as the competitive market drove attack innovation. Significantly more multi-vector attacks were observed – 88% more than in Q4 2013. More than 44% of all attacks used multiple attack vectors.