Akamai Diversity
Home > Web Security > 2013 DDoS Analysis For Europe

2013 DDoS Analysis For Europe

This year, we decided to do something a little different to accompany the year-end State of the Internet Report. In addition to the analysis we do on the numbers for the world as a whole, we're breaking out a particular region to look at in more detail. Although it is not the target of the largest number of attacks, we chose Europe because, like the rest of the world, it is seeing a growing number of attacks.
Akamai's DDoS reporting is primarily looking at attacks that are reported by our clients. For more information on how Akamai tracks DDoS attacks, please see section 1.3 of the State of the Internet Report.

Overall, Europe was the target of 167 of the 1153 DDoS attacks in seen by Akamai in 2013, or slightly less than 15% of all attacks for the year. In 2012, Europe accounted for 154 of 768 of the attacks, or roughly 20% of the attacks reported that year. The number of attacks in Europe continues to grow, but at a rate slower than the rest of the world, at 50% overall, and far slower than the Asia region, which saw a 60% increase in attacks, primarily due to the work of chaotic actors protesting passage of new laws in Singapore. Europe saw spikes in targeted DDoS attacks in the first and third quarter of the year, at least in part because of attacks against media targets that were covering topics unpopular with the attackers.

McKay Blog Picture 1.png
When we look at the statistics for the attacks by industry for Europe, we notice additional digression from the worldwide numbers. In the Commerce sector, Europe saw 45 attacks in 2013, or about 27% of all attacks; when compared with the worldwide figures, this tracks closely with the 28% of worldwide attacks against Commerce targets. Similarly, High Tech targets account for 9% of all attacks (15 of 167) and Public Sector accounts for 5% (9 of 167) attacks, both of which roughly align with the worldwide percentages of attacks, at 7% each for high tech and public sector.

However, when we look at Enterprise targets, 34% of the attacks (57 of 167) targeted this sector, as opposed to a worldwide ratio of 42% aimed at the same sector; Europe's share was much much lower than the global share. And while the Enterprise sector breathed a sigh of relief, it was the Media and Entertainment segment that had to bear the brunt of attack traffic, seeing 25% of all DDoS attacks reported to Akamai in Europe for the year. As stated earlier, this seems to be in part because of coverage of politically charged topics by news organizations, drawing the ire of chaotic actors on the Internet.

McKay Blog Picture 2.png
Conclusion

In 2013, Europe was lucky not to have seen the large increase in DDoS attacks that the world as a whole saw, but the region still saw significant growth in attack traffic. As 2013 drew to a close, one trend that became very apparent was the use of reflection attacks, leveraging both Domain Name Services (DNS) and the Network Time Protocol (NTP). Increasingly, these attacks are exploiting vulnerable servers across Europe, as well as the rest of the world. Even if the targets of the attacks aren't in European countries themselves, the amount of traffic and noise created by reflection attacks can have a broad-reaching impact across the Internet.

Leave a comment