Distributed-denial-of-service (DDoS) attacks that use chains of hijacked computers called botnets to flood servers with traffic appear to be on the decline, according to figures collected by the security vendor Kaspersky Lab.

Botnet-assisted DDoS strikes were found to have dropped by 11% year-on-year in the first quarter of 2015, with slightly more than 23,000 such attacks detected by the company, down from almost 26,000 for the previous year.

Writing online, Kaspersky noted that the number of victims of the attacks had dropped in line with the volume, but added that the news was not all positive.

"The cybercriminals who use botnets to carry out DDoS attacks are willing to persevere: the longest DDoS attack reported in Q1 2015 lasted for about 6 days, and the most frequently attacked web resource survived 21 attacks within the three month period," it said.

"However, study shows that even a short, one-off attack may render an unprotected web resource inoperable.

"One such attack may cost the victim up to $444,000 (£291,000), not including the reputational damage associated with the unsatisfied users who failed to receive the service they expected."

Most of the attacks captured by Kaspersky were found to target China, the US and Canada, with the UK not appearing on the list of top ten victims.

Whilst attacks on the US and China fell during the previous year, attacks on Canada have increased, as have attacks on Russia, South Korea and France.

In addition to the above, Kaspersky reported that "last December saw a dramatic increase in the number of botnet-assisted DDoS attacks" that its sensors picked up.

"The December peak could be linked to the Christmas / Near Year holidays, when the cybercriminals redoubled their efforts to disrupt the operation of websites and services popular with users," it said.

Among the major attacks seen in December was a series organised by the hacking group Lizard Squad, which attacked video games services by Sony and Microsoft in what has largely been dismissed as an attention-seeking ploy.

"DDoS attacks remain a very popular tool with cybercriminals, so companies must take proactive care of their security," Kaspersky said.

"A junk traffic filtration service will allow an online resource to remain accessible for legitimate users even during a long and powerful attack."