Home » News » Arbor Networks Releases Global DDoS Attack Data for 1H 2016

Arbor Networks Releases Global DDoS Attack Data for 1H 2016

Arbor Networks

Arbor Networks Inc., the security division of NETSCOUT, has released global distributed denial-of-service (DDoS) attack data for the first six months of 2016, which shows a continuing escalation in both the size and frequency of attacks.

Arbor’s data is gathered through the Active Threat Level Analysis System (ATLAS™), a collaborative partnership with more than 330 service provider customers who share anonymous traffic data with Arbor in order to deliver a comprehensive, aggregated view of global traffic and threats. ATLAS provides the data for the Digital Attack Map, a visualisation of global attack traffic created in collaboration with Google Ideas ATLAS data has also been utilised recently in Cisco’s Visual Networking Index Report and the Verizon Data Breach Incident Report.

DDoS remains a commonly used attack type due to the ready availability of free tools and inexpensive online services that allow anyone with a grievance and an internet connection to launch an attack. This has led to an increase in the frequency, size and complexity of attacks in recent years.

ATLAS has recorded:

  • An average of 124,000 events per week over the last 18 months
  • A 73% increase in peak attack size over 2015, to 579Gbps
  • 274 attacks over 100Gbps monitored in 1H 2016, versus 223 in all of 2015
  • 46 attacks over 200Gbps monitored in 1H 2016, versus 16 in all of 2015
  • USA, France and Great Britain are the top targets for attacks over 10Gbps

As Arbor’s Security Engineering & Response Team (ASERT) recently documented, large DDoS attacks do not require the use of reflection amplification techniques. LizardStresser, an IoT botnet was used to launch attacks as large as 400Gbps targeting gaming sites worldwide, Brazilian financial institutions, internet service providers (ISPs) and government institutions. According to ASERT, the attack packets do not appear to be from spoofed source addresses – and no UDP-based amplification protocols such as NTP or SNMP were used.

Read the findings from Arbor’s report and the official press release here.

 
 
Back to Top
For more information:
Contact our specialist teams
 

Privacy Preference Center

Necessary

Wordpress, GDPR

These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site may not work then.

Advertising

Analytics

__utma, __utmb, __utmc, __utmz

These cookies allow us to count visits and traffic sources, so we can measure and improve the performance of our site. They help us know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies, we will not know when you have visited our site.
https://support.google.com/analytics/answer/6004245

Other