Distributed Denial of Service (DDoS) attacks are on the rise, according to cloud service provider Akamai, with more than double the number reported from this time a year ago.
Not only that, but the methods are changing to ensure DDoS attacks are longer-lasting, and inflict more damage, reports ZDNet. While last year DDoS attacks were characterized by high bandwidth but short duration, so far in 2015 attacks have used less bandwidth, but been of a far longer duration. An Akamai spokesperson told SC Magazine, "An HTTP flood will not consume a lot of bandwidth, but it will generate a lot of HTTP requests." This still overwhelms the site, but makes it harder to see a malicious attack coming.
Another interesting development is the change in attack vectors. Simple Service Discovery Protocol (SSDP) attacks represent 20 percent of the DDoS traffic, seemingly coming from nowhere as unrepresented in last year's report. Why the rise? Unsecured internet-connected Plug and Play devices, reckons Akamai, left vulnerable as they're not updated as frequently as they should be.
This is a trend we can expect to rise, according to Eric Korbin of Akamai, who told SC Magazine, "I expect to see more application layer attacks based off home and small business appliances. As attackers learn more about the protocols where the designer didn't take adversaries into account those become easier targets."
The gaming industry continues to be the target of the majority of DDoS attacks, accounting for over a third of all attacks recorded. Korbin puts this trend down to the roots of DDoS for hire websites, which were often used by competitive gamers looking to gain the edge through attacks on rival players, he says.
Startlingly, over half the DDoS attacks in the world stem from just three countries, with China (23 percent), Germany (17 percent) and the United States (12 percent) adding up to 52 percent of the total DDoS attack traffic.
You can read the full Akamai 'State of the Internet' report here.
