The size of distributed denial-of-service (DDoS) attacks, in terms of volume, increased by 216% in Q2 2014 when compared to Q1 2014, with two-thirds of the attacks greater than 1Gbps, according to a report from security firm Verisign.
The report claimed that the attacks reached a peak of 300 Gbps/24 Mpps for UDP floods and 35 Gbps/91 Mpps for TCP, which was an increase of 291% year-over-year.
43% of the attacks were targeted at media and entertainment customers, followed by 41% targeted at IT, SaaS and cloud services.
Verisign’s CSO, Danny McPherson, said they not only saw a jump in frequency and size of attacks against their customers, but they witnessed the largest DDoS attack they had ever observed and mitigated – an attack over 300 Gbps against one of their Media and Entertainment customers.
The report stated: "Verisign saw sophisticated TCP and UDP floods that targeted specific custom application ports and continuously switched vectors.
"The primary attack vector continues to be UDP-based NTP reflective attacks generating significant volumetric attack scale against online businesses.
"Many organisations do not use or trust external systems for their NTP, so in this case the solution can be as easy as restricting or rate limiting NTP ports inbound/outbound to only the authenticated/known hosts.
"The real danger of an NTP attack is volume as a result of feasible amplification vectors it provides."
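The mitigation quoted above (allow NTP only to and from known hosts, and rate limit it) can be expressed as a small policy check over packet records. This is an added example, not code from the Verisign report; the addresses, the local network range and the rate limit are constructed assumptions.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network

# All addresses and limits below are constructed for illustration.
LOCAL_NET = ip_network("10.0.0.0/8")
KNOWN_NTP_HOSTS = {ip_address("192.0.2.10"), ip_address("192.0.2.11")}
NTP_PORT = 123
MAX_PKTS, WINDOW_S = 4, 10.0   # per-peer rate limit: 4 packets per 10 s

def ntp_verdicts(packets):
    """Return one verdict per (ts, src, sport, dst, dport, proto) tuple."""
    recent = defaultdict(list)   # peer -> timestamps of accepted packets
    out = []
    for ts, src, sport, dst, dport, proto in packets:
        if proto != "udp" or NTP_PORT not in (sport, dport):
            out.append("pass")           # not NTP: outside this policy
            continue
        src_ip, dst_ip = ip_address(src), ip_address(dst)
        # The peer is the non-local endpoint, so one rule covers both
        # inbound replies and outbound queries.
        peer = dst_ip if src_ip in LOCAL_NET else src_ip
        if peer not in KNOWN_NTP_HOSTS:
            out.append("drop-unknown")   # reflected or unsolicited NTP
            continue
        window = [t for t in recent[peer] if ts - t < WINDOW_S]
        if len(window) >= MAX_PKTS:
            recent[peer] = window
            out.append("drop-rate")      # known host, but over the limit
            continue
        window.append(ts)
        recent[peer] = window
        out.append("pass")
    return out

# Constructed sample traffic.
SAMPLE = [
    (0.0, "10.0.0.5", 40000, "192.0.2.10", 123, "udp"),   # query to known server
    (0.1, "192.0.2.10", 123, "10.0.0.5", 40000, "udp"),   # its reply
    (0.2, "198.51.100.7", 123, "10.0.0.5", 80, "udp"),    # reply from unknown host
    (0.3, "10.0.0.9", 123, "203.0.113.4", 5555, "udp"),   # local host answering a stranger
    (0.4, "10.0.0.5", 51000, "203.0.113.9", 443, "tcp"),  # unrelated traffic
] + [(1.0 + i / 10, "192.0.2.11", 123, "10.0.0.5", 40001, "udp") for i in range(5)] + [
    (12.0, "192.0.2.11", 123, "10.0.0.5", 40001, "udp"),  # after the window expires
]

if __name__ == "__main__":
    for pkt, verdict in zip(SAMPLE, ntp_verdicts(SAMPLE)):
        print(verdict, pkt)
```

The fourth record shows why the rule is applied outbound as well as inbound: it stops a local host from answering NTP requests from arbitrary addresses.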