Global DDoS Threat Landscape Q4 2016 – US, UK and Netherlands top attacked countries

Imperva has published its Global DDoS Threat Landscape Q4 2016 report. According to the experts, the US, the UK and the Netherlands are the top attacked countries.

Distributed denial of service (DDoS) attacks continue to represent a serious threat to organizations worldwide. The attacks are growing in size and level of sophistication, according to the new report 'Global DDoS Threat Landscape Q4 2016' published by Imperva.

According to the experts at Imperva, the creation of huge Internet of Things botnets and the availability of cheap DDoS-for-hire services are creating the conditions for the growth of DDoS attacks.

Network layer attack sizes reached a record high: just before Christmas, a massive DDoS attack powered by a new botnet dubbed Leet Botnet hit the network of the firm Imperva.

The Mirai Botnet was also used to power similar DDoS attacks in the same period. In Q3 the experts observed the longest network layer attack of the year, which lasted for 29 days.

This amazing volume of malicious traffic is reached thanks to the use of amplification vectors.

The number of application layer attacks continued to increase, peaking in Q4 at 889 attacks a week.

In the last quarter of the year, experts from Imperva mitigated an average of 280 network layer attacks per week, totaling 3,603, a 39.4% drop from Q3. According to the experts, the majority of DDoS attacks (89%) lasted for less than one hour.

Imperva mitigated 11,727 application layer attacks, for an average of 889 per week (+2.9% from Q3 2016).

“In Q4 2016, single-vector network attacks increased by almost seven percent from Q3, reaching a yearly high of 71%. Moreover, the percentage of assaults in which perpetrators used five or more different payloads dropped from 3.9 percent in Q3 to 1.9 percent in the following quarter.” reads the report.

“With respect to multi-vector attacks, the downward trend we’re seeing can likely be attributed to the increase in less-sophisticated assaults being instigated by non-professional perpetrators using botnet-for-hire (a.k.a., stresser or booter) services.”

The largest application layer attack reached 91,209 RPS (requests per second), while the longest DDoS attack lasted 47 days. 74.7% of application layer DDoS attacks lasted less than an hour.

“The Incapsula network saw an increase in attack frequency, with the number of targets hit by multiple assaults reaching 58.3 percent, compared with 54.7 percent in Q3.” continued the Incapsula report. “In fact, the percentage of sites targeted more than ten times in Q4 reached 13.1 percent, the highest figure ever recorded for this attack frequency category.”

To avoid detection, DDoS bots continue to use fake user agents to assume legitimate tool and browser identities.

According to the experts, the quantity of sophisticated, browser-based bots that retain cookies and execute JavaScript jumped from 8.0% up to 13.6% in Q4.

Looking at the top attacking countries, China is in first place (78.5%), followed by Vietnam (4.5%), South Korea (2.9%), and the United States (1.7%).

The US was the top targeted country (56.7%), followed by the United Kingdom (9.6%), and the Netherlands (8.6%).

The Global DDoS Threat Landscape Q4 2016 includes much other interesting data on these specific threats. Enjoy it!

Pierluigi Paganini

(Security Affairs – Global DDoS Threat Landscape Q4 2016, DDoS attacks)
