DDOS-GUARD Q4 2017 DDoS Attack Report
02 12,7% Number of attacks also dropped by 12,7% in comparison with same period in 2016 4613 Total number of DDoS attacks 36,8% Number of attacks dropped by 36.8% in comparison with last quarter 50 Per day Average capacity 2,7 Gbps and 1 Mpps 2 Per hour By months The most eventful month is December. Growth of attacks number before the New Year, which became a regular thing was noted. October November 1270 1262 2081 December Statistics by week days The largest number of attacks in the Q4 2017 occurred on Friday and Saturday.In comparison with previous quarter, Tuesday got out the TOP-3 and became the quietest day of the week.
03 Number of attacks 300 250 200 Time of day with a minimal number of attacks 150 50 0 Mo. Tu. We. Th. Fr. Sa. Su. Monday - 1:00 Tuesday - 2:00 Wednesday - 6:00 Attacks capacity Maximum size 151,6 GBPS / 42,1 MPPS Total amount of 100 GBPS attacks - 4 Registered on Wednesday, Thursday and Friday The peaks of DDoS activity registered on Thursday Thursday - 16:00 Friday - 21:00 Saturday - 10:00 Statistics by protocol 61,4% 33,6% 5% UDP - 2833 TCP - 1548 Other - 232 25:23:31 0:01:08 16:23:33 07:48:20 0:00:54 0:00:35 UDP TCP Other Total attacks duration UDP TCP Other Average attacks duration
04 Percentage ratio change Our engineers registered the greatest grow of attacks over UDP. Number of attacks increased by 6% in comparison with last quarter. Number of attacks also increased by 12,65% in comparison with same period in 2016 Compared with the same period in 2016 TCP - decrease of 3,43% UDP - increase of 12,65% Other - decrease of 9,22% Compared with last quarter TCP - decrease of 5,2% UDP - increase of 6% Other - decrease of 0,8% By attack capacity Average Max TCP 1,5 Gbps 2,3 Mpps 101,6 Gbps 42 Mpps UDP 5,5 Gbps 0,9 Mpps 151,6 Gbps 16,6 Mpps Other 2,2 Gbps 0,7 Mpps 68,2 Gbps 14 Mpps In conclusion we would like to note that DDoS attacks over UDP protocol are more popular than over TCP. Despite the fact that their duration is less in comparison with attacks of other types (via ICMP, GRE, IPsec, etc.), these attacks significantly exceed it in power and complexity. So, UDP attacks remain the main danger for the victim`s infrastructure.
05 Percentage of victims by resource activity* Online-stores Game servers Hosting - 23% - 36% - 32% Banking Public sector Mass-media Other - 4% - 2% - 1% - 2% There was noted an increase in the number of attacks on game servers and online stores. Victim countries ranking* 21% Russia China 45% 24% USA 45% China USA 24% Russia 21% Rest of the world 10% 10% Rest of the world *among DDoS-GUARD s customers
06 Interesting cases In January, an anomaly of traffic from Facebook autonomous systems was detected, nonetheless expertise indicated that lack of relevance for DDoS attacks. Trends The prediction made in the Q3 2017 quarter came true. The number of attacks on online stores and game servers increased before the New Year. The "calendar" of attacks has changed a little - there are less attacks on Tuesdays and more on Thursdays. However, the morning hours are still unpopular. Despite the overall reduction in attack size, recently distributed attacks began to occur more often. These attacks are based on small illegitimate traffic flows simultaneously to multiple IP addresses belonging to the same network or multiple networks of the same client. Despite the low capacity of each traffic flow individually (30-40 Mbps avg.), in sum they generate a very high load (up to 20 Gbps) and can disable the entire infrastructure of the victim`s resource. Forecast The likelihood of large-size attacks on game projects during the New Year holidays is high, because the number of gamers increases, so the damage will be maximum. The likelihood of distributed attacks on hosting providers is also great.
07 Our customers Opt for us, ensure your business security today!
+31 208 087 317 sales@ddos-guard.net ddos-guard.net @ddosguard #ddos-guard