DDoS Attacks in 2016: Plenty More and Bigger Than Ever

DDoS attacks are increasing in size and the frequency of attacks in the first half of 2016, a report has revealed.

The number of DDoS attacks in 2016 are increasing, so too are those at the top end of the most destructive DDoS attacks. Arbor Networks, the DDoS Mitigation arm of Netscout has revealed a new report that has confirmed that 2016 has seen has already seen 274 attacks peaking over 100Gbps, compared to 223 in all of 2015.

The data was gathered through a collaborative partnership called the Active Threat Level Analysis System (ATLAS). The common platform sees over 330 service provider customers share anonymous traffic data with Arbor to reveal a more aggregated and comprehensive view of DDoS attack patterns.

Related read: DDoS Attacks Are up 149 Percent Toward End of 2015

The data revealed the biggest DDoS attack these year, peaking at a mammoth 579Gbps, a 73% increase in peak attack size from 2015. An average of 124,000 events were recorded, every week, over the last 18 months. While 274 attacks over 100Gbps were monitored this year, 46 attacks reached beyond 200Gbps so far in the first half of 2016, compared to a relatively smaller total 16 in all of 2015. The most targeted countries and regions for attacks over 10Gbps? USA, France and Great Britain.

Related read: DDoS Attackers on Hire for $5

DDoS is a particularly troublesome threat as a cyberattack specifically due to the ready and inexpensive availability of free tools and inexpensive launch services.  Basically, anyone with a bone to pick and an internet connection can acquire the tools and resources to launch a DDoS attack in a relatively simple manner. And it shows. DDoS attacks have increased in frequency, size and complexity of attacks in recent years.

Alarmingly, a 1 Gbps attack, which is more than plenty to take out most organizations’ online presence and networks is the new norm. The average attack size in the first half of 2016 was 986Mbps, a 30% increase over 2015. The average attack size is expected to go up to 1.15 Gbps by the year’s end.

“The data demonstrates the need for hybrid, or multi-layer DDoS defense,” said Darren Anstee, Arbor Networks chief security technologist.

High bandwidth attacks can only be mitigated in the cloud, away from the intended target. However, despite massive growth in attack size at the top end, 80% of all attacks are still less than 1Gbps and 90% of attacks last less than one hour.