Distributed denial of service attacks on the rise, online gaming remains top target


ddos-attacks-online-gamblingThe number of distributed denial of service (DDOS) attacks is on the rise and online gaming sites remain the number one target.

According to the latest State of the Internet Security report by Akamai Technologies, the number of DDOS attacks in the first quarter of 2016 was up 125% from Q1 2015 and up 22.5% from Q4 2015.

Online gaming sites – which includes not only gambling but also console gaming networks – were the targets in 55% of the Q1 DDOS attacks, about the same as in Q4. Software & technology sites ranked a distant second at 25%, while media & entertainment were third with just 5%.

On the plus side, the average duration of Q1’s DDOS attacks was 16.14 hours, down more than one-third from Q1 2015.

On the downside, Akamai says multi-vector attacks are becoming more popular, presenting greater challenges for sites’ security practitioners. Single-vector attacks have declined from 56% of the total in Q2 2015 to just 41% in Q1 2016.

Akamai counted a record 19 attacks in which the volume of data topped 100 gigabytes per second (Gbps), up from just five such mega-attacks in Q4. The previous record of 17 100-Gbps attacks was recorded in Q3 2014.

The gaming industry was targeted in three of these mega-attacks, all of which occurred the day before or the day of this year’s SuperBowl, strongly suggesting that the attackers weren’t targeting console gamers.

Akamai believes DDOS attackers are becoming more persistent in targeting specific sites. Targeted sites were hit with an average of 29 attacks in Q1, up from 15 in the same period last year. Akamai credited the rise to the ease with which attackers could now acquire DDOS attack platforms.

Akamai didn’t name names, but Q1’s most frequently targeted website was hit with 283 DDOS attacks, an average of three per day. This type of focus is typical of what Akamai called the latest DDOS trend, in which attackers “hammer away at high-value organizations, regardless of effect, looking for a moment when defenses might drop.”

DDOS attacks are also being used more and more as “a diversion technique to exhaust company resources while attacks are launched against the primary target.” Akamai suggests data exfiltration as the true motivation behind many repeated DDOS attacks.

Akamai believes a lot of DDOS attackers are now mimicking tactics pioneered by the infamous DD4BC group, which offered to forego large-scale DDOS attacks if the victims coughed up a certain number of Bitcoins.

China was the source of 27% of all DDOS attacks in Q1, followed by the United States at 17% and Turkey with 10%. Turkey has now made the top-10 for two straight quarters, which Akamai credited to Russian hackers migrating outside their home country.