Arbor Networks Reports the Most Volumetric DDoS Attacks Ever in the First Half of 2014
July 2014 by Arbor Networks
Arbor Networks Inc. released global DDoS attack data derived from its ATLAS® threat monitoring infrastructure. The data shows an unparalleled number of volumetric attacks in the first half of 2014 with over 100 attacks larger than 100GB/sec reported.
ATLAS is a collaborative partnership with nearly 300 service provider customers who share anonymous traffic data with Arbor in order to deliver a comprehensive, aggregated view of global traffic and threats. ATLAS collects statistics that represent 90TB/sec of Internet traffic and provides the data for the Digital Attack Map, a visualisation of global attack traffic created in collaboration with Google Ideas.
1H 2014 ATLAS key findings:
1H 2014 saw the most volumetric DDoS attacks ever, with more than 100 events over 100GB/sec reported so far this year
At the mid-point of 2014, 2x the number of events over 20GB/sec have been reported, as compared to all of 2013
The largest reported attack in Q2 was 154.69GB/sec, down 101% from Q1 2014. This was an NTP reflection attack targeting a destination in Spain. NTP reflection attacks are still significant, but size and scope is down versus Q1 2014. Average NTP traffic volumes are falling back globally, but still not back to the levels of November 2013 (pre the start of NTP attack proliferation) Q2 2014 saw fewer very large attacks – with average attack size down by 47% compared to Q1 2014
“Following on from the storm of NTP reflection attacks in Q1 volumetric DDoS attacks continued to be a problem well into the second quarter, with an unprecedented 100 attacks over 100GB/sec reported so far this year. We’ve also already seen more than twice the number of attacks over 20GB/sec than we saw in the whole of last year,” said Arbor Networks Director of Solutions Architects Darren Anstee. “The frequency of very large attacks continues to be an issue, and organisations should take an integrated, multi-layered approach to protection. Even organisations with significant amounts of Internet connectivity can now see that capacity exhausted relatively easily by the attacks that are going on out there.”