Large distributed denial of service (DDoS) attacks are on the rise, with attacks greater than 100 Gbps seeing a 138% increase over the past year, according to a new report. Akamai’s State of the Internet / Security Report for Q3 2016 was released on Tuesday, and it explains the reasons for the uptick in DDoS attacks.
One of the core reasons for the prevalence of these attacks is the Mirai botnet, which was released into the wild in October, following an attack on a popular security blog. The Mirai botnet was responsible for the massive Dyn DDoS attack, and for a separate attack that nearly took down the entire country of Liberia.
“Every couple of years the industry faces what could be considered ‘harbinger attacks’, where the size and scope of a security event are radically different than what has come before. I believe the industry faced its latest ‘harbinger’ with the Mirai botnet,” Martin McKeay, senior security advocate and senior editor for the report, said in a press release.
SEE: Information security incident reporting policy template (Tech Pro Research)
Mirai was also responsible for two attacks on the website krebsonsecurity.com, measuring at 623 Gbps and 555 Gbps respectively, the report said. The botnet itself usually gains access through compromised IoT devices.
“The Mirai botnet also made concrete the industry’s fear that Internet of Things (IoT) and other Internet connected devices could be used for both web application and DDoS attacks, illustrating the need for device manufacturers to place a greater emphasis on security,” McKeay said in the release.
While DDoS attacks over 100 Gbps rose by over 130%, DDoS attacks, overall, rose by 70% over the past year, according to the report. During Q3, Akamai mitigated 4,556 DDoS attacks in total, which actually marked a decrease of 8% since the previous quarter.
Of all the DDoS attacks, those that occurred at the application layer accounted for a mere 1.66% of the total attacks, as they require more technical expertise, the report said. Infrastructure attacks, on the other hand, are easier to pull off and were more common.
An interesting comparison, noted in the report, is that over the same period of time that DDoS attacks rose, web app attacks decreased by 18% over the past year. In that same time frame, web app attacks from the US dropped by 67% and attacks from Brazil dropped by 79%.
The 3 big takeaways for TechRepublic readers
- DDoS attacks greater than 100 Gbps rose 138% from the same time last year, according to an Akamai report.
- One of the main drivers of these large DDoS attacks was the Mirai botnet, which targeted Dyn and the website of Brian Krebs.
- While DDoS attacks rose, web application attacks fell in the same time period.