Akamai's Q3 2015 State of the Internet - Security Report offered up a mixed bag of news indicating a very large increase in distributed denial of service (DDoS) attacks, while noting the length and severity of the incidents were down.
The content delivery reported there were 1,510 DDoS attacks, a 180 percent increase, compared to the same period last year, but found out that on average the attack length was shorter with a lower volume level than in the past. For the period in question an average DDoS attack lasted 18.86 hours, down from 22.36 hours with peak attack volume 89 percent lower this year.
"There are several variables as it relates to the customer posture with regard to always on versus on demand which allows for mitigation to be applied faster and in some instances more proactively, the other variable is that the actors seem to be doing more probing of the customer environment which means shorter attack duration to potentially identify vulnerabilities," Lisa Beegle, information security manager for Akamai, told SCMagazine.com Friday in an email.
Despite these decreases, one company in the entertainment and media industry – which Akamai did not name – was hit by a record breaking 222 million packets per second (MPps) DDoS attack, topping the previous 214MPps attack that took place during the second quarter this year.
The online gaming industry was one group that saw an increase in the number of attacks, enduring a 50 percent increase during the third quarter. These incidents helped make online gaming the most targeted industry for more than a year.
The increase in gaming attacks is partly due to impending high-profile game releases, such as Call of Duty Black Ops, and an overall concentration on the gaming platforms, Beegle said, along with a general concentration on these companies by cyber-criminals.Another change unveiled by the Akamai report is that reflection-based attacks are becoming more popular than infection-style. The third quarter reflection attacks accounting for 33.2 percent of the attacks up from just six percent during the same period last year.
“A Reflection Denial of Service attack makes use of a potentially legitimate third party component to send the attack traffic to a victim, ultimately hiding the attackers' own identity. The attackers send packets to the reflector servers with a source IP address set to their victim's IP therefore indirectly overwhelming the victim with the response packets,” said the security firm Radware.