Story image

Cyberattacks skyrocket: Arbor releases global DDoS attack data for 1H 2016

26 Jul 2016

​A lot can change in just 12 months – cybercrime can certainly attest to that.

Arbor Networks recently released global DDoS attack data for the first six months of 2016 that paints a pretty grim picture, with continuing escalation in both the size and frequency of attacks.

The data was gathered through ATLAS, a collaborative partnership with more than 330 service provider customers who share anonymous traffic data with Arbor in order to deliver a comprehensive, aggregated view of global traffic and threats.

DDoS remains a commonly-used attack type, largely due to its ease-of-use with free tools and inexpensive online services that essentially allow anyone with a grievance and an Internet connection to launch an attack. Some of the statistics from the study include:

  • An average of 124,000 attacks took place per week over the last 18 months
  • A whopping 73 percent increase in the peak attack size over 2015, to 579 Gbps
  • 46 attacks over 200Gbps were monitored over the first half of 2016, as opposed to 16 in all of 2015

It is certainly a concerning trend - especially when you consider that Arbor asserts a 1 Gbps attack is large enough to take most organisations completely offline, and the average attack size in 1H 2016 was 986Mbps (a 30 percent increase from 2015) and is projected to be 1.15 Gbps by the end of the year.

Arbor Networks chief security technologist, Darren Anstee says high bandwith attacks can only be mitigated in the cloud, away from the intended target.

“However, despite massive growth in attack size at the top end, 80% of all attacks are still less than 1Gbps and 90% last less than one hour,” Anstee says. “On-premise protection provides the rapid reaction needed and is key against “low and slow” application-layer attacks, as well as state exhaustion attacks targeting infrastructure such as firewalls and IPS.”

As cybercrime continues to grow, it would seem the only real option for organisations is to ensure their defences stay one step ahead.

ESET researchers break down latest arsenal of the infamous Sednit group
At the end of August 2018, the Sednit group launched a spear-phishing email campaign, in which it distributed shortened URLs that delivered first-stage Zebrocy components.
Container survey shows adoption accelerating while security concerns remain top of mind
The report features insights from over 500 IT professionals.
Google 'will do better' after G Suite passwords exposed since 2005
Fourteen years is a long time for sensitive information like usernames and passwords to be sitting ducks, unencrypted and at risk of theft and corruption.
Who's watching you? 
With privacy an increasing concern amongst the public, users should be more aware than ever of what personal data companies hold.
Fake apps on Google Play scamming users out of cryptocurrency
Fake cryptocurrency apps on Google Play have been discovered to be phishing and scamming users out of cryptocurrency, according to a new report from ESET.
Managing data to comply with privacy regulations - Micro Focus
It’s crucial for organisations to be able to access, understand, and accurately classify the data they have so they know how to treat it.
Hackbusters! Reviewing 90 days of cybersecurity incident response cases
While there are occasionally very advanced new threats, these are massively outnumbered by common-or-garden email fraud, ransomware attacks and well-worn old exploits.
SEGA turns to Palo Alto Networks for cybersecurity protection
When one of the world’s largest video game pioneers wanted to strengthen its IT defences against cyber threats, it started with firewalls and real-time threat intelligence from Palo Alto Networks.