The days when attackers relied on sheer bandwidth volume alone to knock out websites are over, with miscreants increasingly using application-layer and multi-vector attacks.
The latest annual study from DDoS attack protection company Arbor Networks reports that 46 per cent of respondents said they had experienced multi-layer attacks in the year up to the end of September 2012, markedly up from the 27 per cent recorded in the year before. The largest attack reported was 60 Gbps, the same figure as 2011.
In 2010, the peak attack hit a bumper 100 Gbps.
Instead of concentrating on upping the noise, the bad guys have switched tactics towards application-layer (targeting web services, mostly) and multi-vector attacks rather than less sophisticated packet flood attacks, Arbor said.
Data centres and cloud services are increasingly getting hit by DDoS attacks, which have traditionally been slung solely against websites. Arbor reports that "distributed denial of service (DDoS) attacks have plateaued in size but become more complex" adding that "data centre and cloud services are especially attractive targets". The vast majority (94 per cent) of data centre operators polled by Arbor Networks reported they had been hot by attacks during the study period.
DDoS attacks are used by a variety of players from hacktivists to cybercriminals using packet floods as a means of extortion to business rivals of targeted companies. Arbor reports that e-commerce and online gaming sites are among the most common targets of attack.
Arbor's study, generally regarded as one of the best of its type, is based on survey data provided by network operators from around the world that use its technology to fend off DDoS attacks.
The study also found that DNS (Domain Name Server) infrastructure remains vulnerable. More than a quarter (27 per cent) of respondents experienced customer-impacting DDoS attacks on their DNS infrastructure—a significant increase over the 12 per cent of respondents from previous year’s survey.
Arbor Network's eight annual Worldwide Infrastructure Security Report report can be found here. ®