The Q4 2014 State of the Internet - Security report is out today. We've previewed sections this past week (see sidebar below), but now we can share some numbers.
In the final quarter of 2014, we observed the following:A 52 percent increase in average peak bandwidth of DDoS attacks compared to Q4 a year ago.
Large packets of unwanted network traffic can quickly sap an enterprise's ability to respond to legitimate customers, resulting in denial of service outages. Most unprotected sites cannot withstand a typical DDoS attack. As a result, DDoS attacks have become part of the common cybersecurity threatscape that all enterprises with an online presence must anticipate in a risk assessment.
Nearly 40 percent of all DDoS attacks used reflection techniques.
These rely on Internet protocols that respond with more traffic than they receive and do not require an attacker to gain control over the server or device.
The expansion of the DDoS-for-hire market also promoted the use of multi-vector campaigns, as the competitive market drove attack innovation.
Significantly more multi-vector attacks were observed - 88 percent more than in Q4 2013. More than 44 percent of all attacks used multiple attack vectors.
The timing of DDoS attacks was distributed more evenly in Q4, a DDoS trend that appears to be fueled by an increasing number of targets of greater value in previously underrepresented geographic locations.
In addition, geographical sources of malicious traffic have shifted. The United States and China continued as the lead source countries for DDoS traffic, but instead of the Brazil, Russia, India and China (BRIC) block that dominated in Q3 2014, Q4 DDoS attack traffic came in large part from the United States, China and Western Europe.
How does that compare with previous quarters? Here's what we found:
Compared to Q4 2013
• 57 percent more DDoS attacks
• 52 percent increase in average peak bandwidth
• 77 percent decrease in average peak packets per second
• 51 percent more application layer attacks
• 58 percent more infrastructure layer attacks
• 28 percent increase in average attack duration
• 84 percent more multi-vector attacks
• 200 percent increase in 100+ Gbps attacks (9 vs. 3)
Compared to Q3 2014
• 90 percent more DDoS attacks
• 54 percent decrease in average peak attack bandwidth
• 83 percent decrease in average peak packets per second
• 16 percent more application layer attacks
• 121 percent more infrastructure layer attacks
• 31 percent increase in average attack duration
• 38 percent more multi-vector attacks
• 47 percent fewer 100+ Gbps attacks (9 vs. 17)