DDoS attack size ratcheting up, says Arbor report
Average bits per second in attacks up 43 per cent so far this year
Arbor Networks' global active threat analysis report suggests that distributed denial of service attacks are continuing to intensify, with the proportion of attacks in the 2-10Gbps range almost doubling to 29.8 per cent since last year.
Darren Anstee, solutions architect for Arbor Networks, said the report, which covers the first half of 2013, confirmed a clear increase in attack size, speed and complexity on a daily basis.
"The resilience of this attack vector is incredible, and, with all of the tools available today that enable anyone to launch or participate in attacks, we don't see a slow-down at all," he said.
Anstee said the results were based on the vendor's Active Threat Level Analysis System (ATLAS) report, which involves some 270 services providers that share anonymised traffic data each hour with Arbor's security engineers and response team. Some 35Tbps of data is analysed, and supported by Arbor's global honeypot network of 45 sensors.
Key findings were that the average bits per second sent in an attack has risen 43 per cent so far this year, with 46.5 per cent of attacks now over 1Gbps – a jump of 13.5 per cent from the second half of 2012.
The proportion of attacks in the 2-10Gbps range went from 14.8 per cent to 29.8 per cent.
Some 41.6 per cent of attacks are now over 10Gbps.
"In the first half of 2013 we have seen more than double the total number of attacks over 20Gbps than we saw in the whole of 2012," Anstee added.
However, there were a couple of downward trends. For example, attacks are now shorter, with 86 per cent now lasting less than an hour.
Jeff Wilson, principal network security analyst with Infonetics Research, said in a media statement: "The increasing volume of highly visible attacks, including a mix of politically motivated attacks, state-sponsored electronic warfare, social activism, organised crime and good old-fashioned pointless mischief and mayhem is being driven by the easy availability of bots and botnets for hire and easily distributed crowd-sourced attack tools."