A new report from security vendor Prolexic Technologies warns of a sudden spike in the number and intensity of distributed denial of service (DDoS) attacks. The company warns that most enterprises are not adequately protected.
PCMag's Chloe Albanesius reported, "Distributed denial of service (DDoS) attacks are on the rise and becoming more sophisticated, according to new data. In a new report, security firm Prolexic determined that the first quarter of 2013 was a 'landmark quarter' for DDoS attacks. 'One word sums up Q1 2013: remarkable,' Prolexic said. 'Never before have attacks been this formidable.'"
All Things D's Arik Hesseldahl explained, "During the first quarter of the year, the average DDOS attack totaled 48.25 gigabits per second, which is an increase by more than 700 percent versus the prior quarter. The data is contained in a report the company issued today. It’s worth noting that that’s an average, not a peak. If you liken a DDOS attack to a fire hose, then what this means is that the amount of unwanted water an attacker is able to spray at a target increased sevenfold in one quarter. Anything in excess of 45Gbps is enough to overwhelm even the biggest enterprises and service providers, said Stuart Scholly, Prolexic’s president."
InformationWeek quoted Scholly, who said, "Average packet-per-second rate and average bit rate spiked in the first quarter and both are growing at a fast clip. When you have average -- not peak -- rates in excess of 45 Gbps and 30 million packets per second, even the largest enterprises, carriers and, quite frankly, most mitigation providers, are going to face significant challenges."
Ars Technica's Dan Goodin noted, "The spikes are brought on by new attack techniques that Ars first chronicled in October. Rather than using compromised PCs in homes and small offices to flood websites with torrents of traffic, attackers are relying on Web servers, which often have orders of magnitude more bandwidth at their disposal. As Ars reported last week, an ongoing attack on servers running the WordPress blogging application is actively seeking new recruits that can also be harnessed to form never-before-seen botnets to bring still more firepower. Also fueling the large-scale assaults are well-financed attackers who are increasingly able to coordinate with fellow crime organizations."