Overview of Prolexic Quarterly DDoS Attack Report: Q1 2013

IntroductionQ1 2013 was quite notable for DDoS attacks. The most formidable distributed denial of service (DDoS) attacks – ever – occurred in the first quarter of 2013; more than 10 percent of attacks exceeded 60 Gigabits per second (Gbps), and volumetric bandwidth averaged an attention grabbing 48.25 Gbps. Additionally, the notorious DDoS attack on Spamhaus.org occurred this quarter.

One of the most important trends was the targeting of internet service providers (ISPs) and carrier router infrastructures. Packets-per-second (PPS) were notable as well (see the full report). Most DDoS mitigation equipment is limited by PPS capacity. Even routers carrying traffic to DDoS mitigation equipment would be strained at the level seen in Q1 2013. However, because Prolexic operates upstream in the cloud, it typically intercepts traffic long before an attack saturates carrier networks, making Prolexic one of the few companies in the world that can mitigate the high-level of DDoS traffic experienced in Q1 2013.

Analysis of Attack TypesIn Q1 2013, attackers favored launching infrastructure (Layer 3 and Layer 4) attacks directed against bandwidth capacity and routing infrastructure more so application layer attacks. However, application attacks were still significant. Favored attack types were SYN, GET, UDP, and ICMP floods. (Download the full report for details.)

DDoS Attack Frequency in Q1: 2013 vs 2012Prolexic mitigated the most DDoS attacks ever in Q1 2013. March accounted for 44 percent of the Q1 2013 attacks. The most active week for DDoS attacks in Q1: March 19-26, as shown below.

Overview of Prolexic Quarterly DDoS Attack Report: Q1 2013

Top Ten Source Countries: DDoS Attacks in Q1 2013The first quarter revealed China as the leader of malicious traffic with 40 percent of sourced botnet activity. The U.S. and Germany were second and third, respectively, as shown below.

Read the full Q1 2013 Global DDoS Attack Report for more details, including: Average and trends in attack duration and bandwidth Total number and trends of attacks by type Year-over-year and quarter-over-quarter comparisons Case study 1: An enterprise attack Case study 2: Metrics from a DNS reflection and amplification attack against Prolexic,

including a heat map of source countries for this attack. A forward look at emerging DDoS trends

About ProlexicProlexic Technologies is the world’s largest and most trusted distributor of DDoS protection and mitigation services. Learn more at www.prolexic.com.

About PLXsertProlexic Security and Engineering Response Team (PLXsert) monitors the global malicious cyber threats and actively analyzes DDoS attacks using proprietary techniques and equipment.