The size and strength of distributed denial-of-service (DDoS) attacks increased throughout 2013 against networks.
According to a report by Incapsula, 2013 saw a rapid increase in network DDoS attack volumes, which was facilitated by the adoption of new attack methods (NTP Ampliﬁcation and Large SYN ﬂoods) and also by the development of Internet and speciﬁcally cloud infrastructures.
SYN combo attacks account for around 75 per cent of all large scale network DDoS events (attacks peaking above 20 Gbps). Overall, large SYN attacks are also the single most commonly used attack vector, accounting for 26 per cent of all network DDoS events.
During January and February of 2014 there was a signiﬁcant increase in the number of NTP ampliﬁcation attacks; this reached a point in February where NTP ampliﬁcation attacks became the most commonly used attack vector for large scale network DDoS attacks.
Also, in the last 90 days, 81 per cent of all network attacks employed at least two different attack methods, with almost 39 per cent using three or more different attack methods simultaneously.
Looking forward, Incapsula recommended IT organisations re-think their security strategies to respond to latest Layer 3-4 and Layer 7 DDoS threat, especially as attackers are looking to raise the stakes even higher by introducing new capabilities, many of which are speciﬁcally designed to abuse the weaknesses of traditional anti-DDoS solutions.
Especially as in early 2013, it detected a single source 4 Gbps attacking server, which if ampliﬁed, could alone have generated over 200 Gbps in attack trafﬁc