Q1 2014 Global Attack Report: Analysis and Emerging Trends

Selected excerpts

In Q1 2014, Media and Entertainment took the brunt of DDoS attacks, accounting for 50 percent of the attack targets in Q1. Software and Technology was the second most often hit at 17 percent. Security accounted for 12 percent of attacks. Finance was targeted 9 percent of the time. Gaming was the last of the top five industry targets with 7 percent of all observed attacks. Media and entertainment The Media and Entertainment industry accounted for a majority of the attacks against Prolexic customers. Attacks against this vertical offer several advantages for malicious actors, including press coverage and high visibility, which allows campaign organizers to more effectively reach out to supporters and recruit others to join their cause. The Media and Entertainment industry experienced some of the highest volume attacks from both application and infrastructure attack vectors. Forty-two percent of all NTP reflection and amplification attacks in Q1 targeted Media and Entertainment. Prolexic continues to see a major interest by attackers in targeting the industry to spread fear and propaganda through political or socially motivated DDoS campaigns. This industry was targeted with 54 percent of the malicious packets consumed by Prolexic during active DDoS attacks. Software and technology The Software and Technology industry includes companies that provide solutions such as Software as a Service (SaaS) and other cloud-based technologies. This industry was hit with the second greatest number of attacks, accounting for 17 percent. The Software and Technology industry was mainly targeted by infrastructure-layer attacks. The most popular attack vectors against this industry were DNS and NTP reflection and amplification attacks. Software and Technology was the target of these types of attacks 23 and 22 percent of the time, respectively. Security The Security vertical includes companies that provide security-based solutions, such as Prolexic. This industry faced 12 percent of all DDoS attacks. The motive behind attacks against this vertical is to take down a critical service that leaves a customer susceptible to other attacks. Thisindustry also sees a high amount of infrastructure-based attacks, accounting for 12 percent of all NTP attacks, 8 percent of all DNS attacks and 6 percent of all CHARGEN attacks. Financial services The Financial Services industry was targeted in 9 percent of total attacks in the first quarter. Financial institutions have been the target of many organized attacks, such as those orchestrated by organized cyber-crime group Izz ad-Din al-Qassam Cyber Fighters (QCF) using

itsoknoproblembro. Fortunately, this industry did not experience major campaigns this quarter. A quiet quarter does not necessarily reflect a diminished interest by attackers against this industry. Infrastructure-layer attacks pose the greatest threat to this industry due to the importance of the always-on services they provide. Recently, there have been indicators that suggest major campaigns could resume. Malicious actors may be pursuing more refined methodologies to introduce new attack vectors against financial targets. Gaming The Gaming industry includes any company related to online gaming or gaming-related content. Gaming was the fifth most-targeted industry vertical, accounting for 7 percent of total attacks. Attacks against the Gaming industry are frequently motivated by players seeking to gain a competitive advantage. The Gaming industry receives mostly application-layer attacks; 13 percent of GET floods and 23 percent of POST floods targeted Gaming in Q1. The data discussed represents only a portion of active DDoS attack campaigns that occurred in this quarter against the named industries. Prolexic will continue to analyze and take the necessary measures to provide real-time insight into DDoS attacks against specific industry verticals. Get the full Q1 2014 Global Attack Report with all the details Each quarter Prolexic produces a quarterly DDoS attack report. As the world's leading DDoS mitigation provider, Prolexic is ideally positioned to collect valuable data on the origins, tactics, types and targets of DDoS attacks and identify emerging trends. Download the Q1 2014 Global Attack Report at www.prolexic.com/attackreports for:

● Global DDoS attack trends ● Year-over-year and quarter-by-quarter comparisons ● Types of attacks used ● Network protocols at risk for abuse by attackers ● Industries targeted ● Details about real attacks mitigated by Prolexic

The more you know about DDoS attacks, the better you can protect your network against cyber-crime. Download the free Q1 2014 Global Attack Report today. About Prolexic Prolexic, now part of Akamai, offers DDoS protection solutions that leverage proprietary DDoS filtering techniques and the world’s largest cloud-based DDoS mitigation network. To learn more about how Prolexic solutions stop DDoS attacks and protect business, please visit www.prolexic.com.