April 28, 2015

Largest ever DDoS attack hits operator in Q1 2015

DDoS data also reveals attacks were short-lived, but packed a greater punch.

By CBR Staff Writer

DDoS attacks evolved during the first quarter of 2015, with the majority lasting a shorter time but packing a greater punch. A record-breaking 334Gbps attack, targeting a network operator in Asia, was also recorded in Q1.

According to the Q1 2015 global DDoS attack data from Arbor, the majority of attacks were short-lived, with approximately 90% lasting less than 1 hour.

Arbor said its ATLAS threat intelligence infrastructure recorded 25 attacks larger than 100Gbps.

Arbor said that the recent large-scale attacks on enterprise and service provider networks used a reflection amplification technique, which allowed the attackers to obscure the original sources of the attack traffic and magnify the amount of traffic they generated.

The technique abuses Simple Service Discovery Protocol (SSDP), Network Time Protocol (NTP) and DNS servers. It relies on poorly configured and poorly protected devices on the Internet that provide UDP services, and on service providers that do not implement filters to block traffic with a ‘forged’ source IP address.

The report also highlighted changing attacker techniques: it counted 126,000 SSDP reflection attacks in Q1 2015, a drastic increase from just three SSDP reflection attacks detected in Q1 2014.
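From the receiving side, reflected traffic of this kind arrives as UDP whose source port is the reflector's service port (1900 for SSDP, 123 for NTP, 53 for DNS), sent by many different hosts to one destination. The sketch below is an added example, not taken from Arbor's report: it groups flow records by destination and protocol and flags the groups that look like reflection floods. The flow tuple layout, the thresholds and every address are assumptions constructed for the illustration.

```python
from collections import defaultdict

# UDP source ports of the reflector services the article names.
REFLECTOR_PORTS = {1900: "SSDP", 123: "NTP", 53: "DNS"}

# Constructed sample flows seen at a network edge during one 10-second window:
# (src_ip, src_port, dst_ip, protocol, bytes). Documentation address ranges only.
SAMPLE_FLOWS = [
    ("198.51.100.10", 1900, "203.0.113.5", "udp", 45_000_000),
    ("198.51.100.11", 1900, "203.0.113.5", "udp", 52_000_000),
    ("198.51.100.12", 123, "203.0.113.5", "udp", 90_000_000),
    ("198.51.100.15", 123, "203.0.113.5", "udp", 60_000_000),
    ("198.51.100.13", 53, "203.0.113.9", "udp", 4_000),       # ordinary DNS reply
    ("198.51.100.14", 443, "203.0.113.5", "tcp", 1_200_000),  # unrelated TCP
]


def find_reflection_floods(flows, window_seconds, min_reflectors=2, min_mbps=10.0):
    """Return {(dst_ip, protocol): (distinct_reflectors, mbps)} for suspect groups.

    A group is suspect when several distinct sources send reflector-port UDP
    to the same destination at a high aggregate rate. Both thresholds are
    illustrative (assumed) and need tuning against normal traffic, since
    legitimate DNS and NTP replies use the same source ports.
    """
    sources = defaultdict(set)
    byte_count = defaultdict(int)
    for src_ip, src_port, dst_ip, protocol, nbytes in flows:
        if protocol != "udp" or src_port not in REFLECTOR_PORTS:
            continue
        key = (dst_ip, REFLECTOR_PORTS[src_port])
        sources[key].add(src_ip)
        byte_count[key] += nbytes

    suspects = {}
    for key, total in byte_count.items():
        mbps = round(total * 8 / window_seconds / 1e6, 1)
        if len(sources[key]) >= min_reflectors and mbps >= min_mbps:
            suspects[key] = (len(sources[key]), mbps)
    return suspects


if __name__ == "__main__":
    for (dst, proto), (count, mbps) in find_reflection_floods(SAMPLE_FLOWS, 10).items():
        print(f"{dst}: {proto} reflection suspected, {count} reflectors, {mbps} Mbps")
```
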

Arbor noted that volumetric attacks have increased in size and frequency over the past 18 months, and described application-layer attackers as pervasive.

Arbor has recommended the use of multi-layered defence, which integrates on-premise protection with cloud-based protection against higher magnitude volumetric DDoS attacks.

Arbor Networks Solutions Architects director Darren Anstee said: "Attacks that are significantly above the 200Gbps level can be extremely dangerous for network operators and can cause collateral damage across service provider, cloud hosting and enterprise networks."
