Furthermore, attacks greater than 100 Gbps increased to 12 during the quarter, a 40% year-over-year increase. Seven of the 12 Q4 2016 big attacks, those with traffic greater than 100 Gbps, can be directly attributed to the Mirai IoT botnet. In addition, the largest DDoS attack in Q4 2016, which peaked at 517 Gbps, came from Spike, a non-IoT botnet that has been around for more than two years, the study continues.
The number of IP addresses involved in DDoS attacks grew significantly in Q4 2016, despite DDoS attack totals dropping overall. The US sourced the most IP addresses participating in DDoS attacks – more than 180,000.
UDP fragment (27%), DNS (21%), and NTP (15%), were the top three of the 25 DDoS attack vectors tracked in Q4 2016. Akamai started tracking a new reflection DDoS attack vector this quarter Q1 2017, Connectionless Lightweight Directory Access Protocol (CLDAP), which attackers abuse to amplify DDoS traffic.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now