attacks in Q4 2017 decreased by 25%, says

Verisign observed a 25 percent decrease in the number of attacks in Q4 2017 compared to Q3 2017 and an 850 percent increase in the average of attack peak sizes.

Must Read

Sumit Deb begins new journey as CMD of NMDC

Senior PSU leader Sumit Deb has assumed charge as Chairman-cum-Managing Director of NMDC Limited. He succeeds N. Baijendra Kumar.

Spearheading transformation towards sustainable future in times of Covid-19

Bringing the governments, businesses, academia, and communities together to spearhead the transformational and systematic effort towards a sustainable future is needed

Tata Communications gets local telecom license in Saudi Arabia

Under Type B telecom license, Tata Communications will be able to provide Internet Service Provider and related telecom services to enterprises in a defined capacity, along with local currency billing for end-customers

Cybersecurity firm Verisign said that number of decreased by 25% in Q4 2017 compared to the third quarter of 2017 from July 1, 2017 through September 30, 2017. The Peak attack size was 53 Gigabits per second (Gbps), with a speed of 5 Million packets per second (Mpps). Average peak attack size was 7.6 Gbps (850% increase compared to Q3 2017, but a 32% year-over-year decrease compared to Q4 2016), 40% of attacks over 5 Gbps. The most common attack mitigated as 42% of attacks were User Datagram Protocol (UDP) floods; 82% of attacks employed multiple attack types.

Verisign observed a 25 percent decrease in the number of attacks in Q4 2017 compared to Q3 2017 and an 850 percent increase in the average of attack peak sizes. This large increase is partially attributed to the historically low average of attack peak sizes observed in Q3 2017. From Q4 2016 to Q4 2017, Verisign observed a year-over-year decrease of 32 percent in the average of attack peak sizes. Verisign also observed that 25 percent of customers who experienced attacks in Q4 2017 were targeted multiple times during the quarter. While the number of attacks has continued to decrease from quarter to quarter, attacks remain unpredictable in speed and complexity.

Eighty-two percent of DDoS attacks mitigated by Verisign in Q4 2017 employed multiple attack types. Verisign observed attacks targeting networks at multiple layers and attack types that changed over the course of a DDoS event. Today’s DDoS attacks require continuous monitoring to optimize mitigation strategies.

Continuing the trend, UDP flood attacks were the most common attack vector in Q4 2017, accounting for 42 percent of total attacks in the quarter. The most common UDP floods included Domain Name System (DNS), Network Time Protocol (NTP), Lightweight Directory Access Protocol (LDAP) and Simple Service Discovery Protocol (SSDP) reflective amplification attacks.

The largest volumetric and highest intensity DDoS attack observed by Verisign in Q4 2017 was a multi-vector attack that peaked at approximately 53 Gbps and over 5 Mpps. This attack sent a flood of traffic to the targeted network for about an hour. The attack consisted of a wide range of attack vectors including TCP SYN and TCP RST floods, DNS amplification attacks, Internet Control Message Protocol (ICMP) floods and invalid packets.

Verisign Distribution Denial of Service Trends, observed attack trends of October – December, the fourth quarter of 2017. These trends include attack statistics, behavioural trends and future outlook. Compiled on the basis of observations and insights about attack frequency and size obtained from mitigations enacted on behalf of customers from Verisign DDOS Protection Services.

Subscribe to receive the day's headlines from Tech Observer straight in your inbox

Leave a Reply

*The moderation of comments is automated and not cleared manually by techobserver.in. Embedding of any link and use of abusive or unparliamentary language are prohibited.
- Advertisement -

Latest in TECH

Tata Communications gets local telecom license in Saudi Arabia

Under Type B telecom license, Tata Communications will be able to provide Internet Service Provider and related telecom services to enterprises in a defined capacity, along with local currency billing for end-customers
- Advertisement -SAP Hana

Related Articles