In a new report, Imperva researchers shed some light on how DDoS attacks are evolving and becoming at once more complex and briefer.
In the first quarter of this year, 80 percent of all attacks lasted less than an hour with 90 percent of all network layer attacks lasting less than 30 minutes, compared to only 78 percent in the previous quarter. This is due to the prevalence of “botnet-for-hire” services that enable their users to launch short, low-volume bursts. In recent years these “botnet-for-hire” services have become more and more accessible for a non-technical customer base and are gaining popularity.
“Such services are commonly used by non-professionals, often internet trolls who use DDoS to settle a personal dispute or to simply harass their victims,” the report says.
The report also shows that network layer attacks have grown more complex, with more than 40 percent of attacks being multi-vector assaults.
“These attacks are a sign of the times; launching a DDoS assault has become as simple as downloading an attack script or paying a few dollars for a DDoS-for-hire service. Using these, non-professionals can take a website offline over a personal grievance or just as an act of cyber vandalism in what is essentially a form of internet trolling,” Igal Zeifman, security evangelist at Imperva, said.
When it comes to the sources of these attacks, the top three countries of origin were China, South Korea and the United States. Fully 51 percent of attacks came from China, 11 percent from South Korea, and 7 percent from the U.S. The most targeted countries in the last quarter were the U.S., United Kingdom and Japan. In addition to those, Singapore and Israel joined the list for the first time.
Many small companies that were previously immune from these large attacks are even facing attacks as of late. This report aligns with a report out earlier this month from Neustar who reported that there have been twice as many DDoS attacks of more than 50 Gbps in the past year as compared to 2016.