In Q3 2015, the longest continuous DDoS attack recorded by Kaspersky Lab lasted for 320 hours, which is close to two weeks. More than 90 percent of attacks lasted less than 24 hours, however the number of attacks lasting longer than 150 hours has grown tremendously. The highest number of attacks on the same victim was 22, from a server in the Netherlands.
Kaspersky Lab's new quarterly DDoS report is based on consistent overseeing of botnets and observation of new techniques applied by cyber-criminals in the third quarter of 2015. The report shows that DDoS attacks remain highly localised.
Even though Kaspersky Lab has recorded DDoS attacks targeting servers in 79 countries, 91.6 percent of the victims' resources are located in only 10 countries worldwide. It also discovered that DDoS attacks are more likely to come from the same countries. China, the US and South Korea held top positions as the countries most frequently hit by DDoS attacks.
“Attacks are growing in volume with most of them aiming to attack, disrupt and disappear, but the number of lengthy attacks, capable of bankrupting a large, unprotected business, is also on the rise. These significant developments make it imperative for companies to take measures to prevent the very real threat and increased risk posed by DDoS attacks,” commented Evgeny Vigovsky, head of Kaspersky DDoS protection, Kaspersky Lab.
Linux-based botnets account for up to 45.6 percent of all attacks that Kaspersky Lab recorded. Poor protection and higher bandwidth capacity are major reasons for this.
Banks are often targeted for complex attacks and ransom demands. Less complicated but equally dangerous attacks have become less expensive to carry out. August happened to be the quietest month of the quarter for attacks, showing that cyber-criminals do go on vacation too.