DDoS attacks still have the ability to strike fear into the hearts of security professionals and web server administrators everywhere. The flooding of a targeted system can be a logistical nightmare for organizations of all kinds, affecting normal business function massively.
This week Imperva Incapsula released their Q2 Global DDoS Threat Landscape Report, which represents an opportunity for the cybersecurity industry to take stock, and to view the threatscape in relation to DDoS; How it has changed, what types of attacks we’re seeing, and what types have slowed. Imperva have analysed over 15.000 network and application layer DDoS attacks which their Imperva Incapsula services were able to mitigate. This gives them virtually unparalleled insight into the nature of DDoS in Q2 of 2017, and beyond.
The findings indicate that, for the fifth quarter in a row, the number of layered network assaults dropped to 196 per week to 296 in the quarter before it. There was also a recorded dip in application layer attacks, which fell from 973 per week from an all-time high of 1,099!
They also managed to spot the emergence of the ‘pulse wave attack’, which allows malicious actors to pin down multiple targets, using alternating high-volume bursts; Incapsula referred to this as ‘the DDoS equivalent of hitting two birds with one stone’.
Of the trends observed in Q2 of this year, the persistence of application layer assaults has continued into its 5th quarter. 75.9% of targets had fell victim to multiple attacks, which is the highest percentage of any quarter that Incapsula have recorded. Of these repeat- DDoS victims, the US was the worst affected area geographically speaking, with 37% of websites hit more than six times, and 23% hit a staggering ten times or more.
Another point of geographical interest is the rise perceived in botnet activity out of Turkey, Ukraine and India. Over 3000 attacking devices were recorded in Turkey, as well as 4,300 emerging from India and Ukraine- a 75% increase.
So the takeaway from this Q2 report is to remember that DDoS attacks are fluid, and the ways in which they happen are changing- But they are going nowhere.