A lot can change in just 12 months – cybercrime can certainly attest to that.
Arbor Networks recently released global DDoS attack data for the first six months of 2016 that paints a pretty grim picture, with continuing escalation in both the size and frequency of attacks.
The data was gathered through ATLAS, a collaborative partnership with more than 330 service provider customers who share anonymous traffic data with Arbor in order to deliver a comprehensive, aggregated view of global traffic and threats.
DDoS remains a commonly-used attack type, largely due to its ease-of-use with free tools and inexpensive online services that essentially allow anyone with a grievance and an Internet connection to launch an attack. Some of the statistics from the study include:
- An average of 124,000 attacks took place per week over the last 18 months
- A whopping 73 percent increase in the peak attack size over 2015, to 579 Gbps
- 46 attacks over 200Gbps were monitored over the first half of 2016, as opposed to 16 in all of 2015
It is certainly a concerning trend - especially when you consider that Arbor asserts a 1 Gbps attack is large enough to take most organisations completely offline, and the average attack size in 1H 2016 was 986Mbps (a 30 percent increase from 2015) and is projected to be 1.15 Gbps by the end of the year.
Arbor Networks chief security technologist, Darren Anstee says high bandwith attacks can only be mitigated in the cloud, away from the intended target.
“However, despite massive growth in attack size at the top end, 80% of all attacks are still less than 1Gbps and 90% last less than one hour,” Anstee says. “On-premise protection provides the rapid reaction needed and is key against “low and slow” application-layer attacks, as well as state exhaustion attacks targeting infrastructure such as firewalls and IPS.
As cybercrime continues to grow, it would seem the only real option for organisations is to ensure their defences stay one step ahead.