Cyber crime on the rise: DDoS attack volumes have trebled in past year, says study

Cyber crime is on the rise, average attack volumes grew by 194%, and hyper-scale volumes by 150% year-on-year, according to Link11 latest Q4 2018 DDoS statistics.

The report found that in Q4 2018, the average volume of DDoS attacks was 5Gbps, nearly three times the 1.7Bbps average seen in Q4 2017. This is because attackers are using increasingly powerful botnets comprising misused cloud servers, hijacked IoT devices and embedded devices.

The evolution of DDoS attacks – and defences

Aatish Pattni, regional director, UK & Ireland, Link11, explores in Information Age how DDoS attacks have grown in size and sophistication over the last two decades

“The increase in the impact and complexity of attacks continues unabated,” said Marc Wilczek, COO of Link11. “When faced with DDoS bandwidths well over 100 Gbps and multi-vector attacks, traditional IT security mechanisms are easily overwhelmed, and unprotected companies risk serious business disruption, loss of revenue and even fines.”

Hyper-scale attacks hitting hard

In QQ4 2018, Link11’s Security Operations Center (LSOC) registered 13 attacks with volumes over 80Gbps. The biggest of these reaches 173.5Gbps – this is double last year’s biggest (70.1Gbps).

When crime pays: the business of DDoS attacks

Distributed denial of service attacks have become an increasingly popular, and effective hacking phenomenon that is near unpreventable

Multi-vector attacks are getting more complex

The majority of attacks in Q4 2018 were multi-vector attacks, accounting for 59% of all attacks, compared to 45% in Q4 2017.

Many of these attacks were complex, using up to nine different attack vectors. The three most commonly used reflection amplification vectors were CLDAP, DNS reflection and SSDP.

Weekend warriors

According to the LSOC, attacks occurred most frequently on Saturdays and Sundays, with the level of attacks declining during the business week.

Attackers targeted organisations most frequently between 4 pm and midnight Central European Time, with attack volumes at their lowest between 6 am and 10 am CET.

The full report can be found here.

Mondelez vs. Zurich: How watertight is cyber insurance coverage?

Do you sleep soundly at night in the safety of knowing your cyber insurance coverage is sufficient? If not, it looks like you’re not alone

Avatar photo

Andrew Ross

As a reporter with Information Age, Andrew Ross writes articles for technology leaders; helping them manage business critical issues both for today and in the future

Related Topics

Cyber Crime
DDoS Attack