Quarterly Global DDoS Attack Report: Q1 2013

Published April 17, 2013

Quarterly Global DDoS Attack Report: Q1 2013

What You Need to Know

DDoS attack rates of the size reported in Q1 2013 are almost impossible for a normal enterprise to plan for:

  • As recently as Q3 2012 50 Gbps was an easily attainable attack characteristic. As of Q1 2013 over 10 percent of attacks were exceeding the 60 Gbps threshold.
  • At least one known DDoS attack mitigated by DDoS cybersecurity experts in early Q2 2013 exceeded 160 Gbps.
  • By the end of Q2 2013 a DDoS attack breaking the 200 Gbps mark is entirely plausible.

Related trends also reflect the ongoing evolution of DDoS attacks:

  • Infections in the U.S. have increased dramatically due to the vulnerability of unpatched web applications.
  • Reflection and amplification attacks have received significant media attention.
  • Attacks that have generated the highest bandwidth and packets-per-second volume have been targeted attacks from infected web servers with user-level permissions.
  • The largest DDoS attacks are likely to continue to come from these infected web servers.

Spotlight: Attackers take aim at ISP and carrier router infrastructures with high packet-per-second DDoS attacks

The increasing scale of distributed denial of service (DDoS) attacks is challenging appliances, ISPs, carriers and content delivery networks

Notable DDoS trends from January – March 2013 include the following:

  • Average attack bandwidth increased more than sevenfold compared with Q4 2012. The average packet-per-second (pps) rate reached over 32 Mpps.
  • With such excessive pps rates, even the largest enterprises can expect significant challenges from these magnified DDoS attacks.
  • Attack volume continued to grow after a record number of recorded attacks in Q4 2012, reflecting a general trend of heightened global DDoS activity and risk of attack.
  • China continued to be the leader in attack source country rankings, along with the United States, Germany and, for the first time, Iran. This is very interesting because Iran enforces strict browsing policies similar to Cuba and North Korea.

Highlights: Q1 2013 global DDoS attack statistics

Compared to Q4 2012

  • Average attack bandwidth up 718 percent from 6 Gbps to 48 Gbps
  • Average attack duration increased 7 percent from 32 hours to nearly 35 hours
  • Total number of infrastructure attacks rises 4 percent; total number of application attacks falls 4 percent
  • 2 percent increase in total number of DDoS attacks

Compared to Q1 2012

  • Average attack bandwidth up 691 percent from 6 Gbps to 48 Gbps
  • 21 percent increase in average attack duration from 29 hours to 35 hours
  • Total number of infrastructure attacks up 27 percent; total number of application attacks up 8 percent
  • 22 percent rise in total number of attacks

Contact Us