Multiple attack types are the norm

Verisign has released its Q1 2018 DDoS Trends Report, which represents a unique view into the attack trends unfolding online, through observations and insights derived from distributed denial of service (DDoS) attack mitigations enacted on behalf of Verisign DDoS Protection Services, and security research conducted by Verisign Security Services.

Friday, 29th June 2018 Posted 6 years ago in by Phil Alsop

Verisign observed that 58 percent of DDoS attacks that were mitigated in Q1 2018 employed multiple attack types. There was a 53 percent increase in the number of attacks, as well as a 47 percent increase in the attack peak sizes, when compared to Q4 2017; however, the attack peak sizes have decreased by 21 percent, year over year.

The largest volumetric and highest intensity DDoS attack observed by Verisign in Q1 2018 was a multi-vector attack that peaked at approximately 70 Gigabits per second (Gbps) and 7.4 Million packets per second (Mpps). The attack consisted of a wide range of attack vectors including TCP SYN and TCP RST floods, DNS and SNMP amplification attacks, Internet Control Message Protocol (ICMP) floods, and invalid packets.

Key DDoS Trends and Observations:

Fifty percent of DDoS attacks were User Datagram Protocol (UDP) floods.
TCP-based attacks were the second most common attack vector, making up 26 percent of attack types in the quarter.
Fifty-eight percent of DDoS attacks mitigated by Verisign in Q1 2018 employed multiple attack types.
The Financial industry, representing 57 percent of mitigation activity, was the most frequently targeted industry for Q1 2018. The IT/Cloud/SaaS industry experienced the second highest number of DDoS attacks, representing 26 percent of mitigation activity, followed by the Telecom industry, representing 17 percent of mitigation activity.