The distributed denial of service (DDoS) attack is one of the premier methods of denying internet services and applications to the general public and businesses alike. In fact, use of DDoS has risen nearly astronomically year over year, with a 129% increase in occurrences of the attack type.
A DDoS occurs when an attacker uses a surreptitiously created network of devices that have been infected with malware, usually without their owners' knowledge, to send arbitrary packets of information over the internet and overload a particular server or service. It's effective because, with the large number of devices an attacker can muster, you can't possibly stop or intelligently blacklist all IP or MAC addresses in real time to fight it. The most effective way to mitigate is through the absorption of the traffic onto an extended network that's targeted at the application layer (though DDoS attacks can occur at a number of different layers).
This quarter, year over year, the internet itself has apparently had over 4,919 DDoS attacks, according to Akamai and Tara Seals. The increase in instances may very well be due to the rise in the availability of simpler tools to carry out those attacks, in addition to a rise in the number of DDoS-for-hire services found on the darknet (Seals, 2016). Despite the growing number and frequency of these attacks on web services, the volume of traffic being sent to shut down services has decreased by 36% on average, though the largest attack on record occurred during this quarter, with a very large 363Gbps of bandwidth having been used on June 20th 2016. The reported average bandwidth used per attack is 3.85Gbps, which can be mitigated with the proper backend to absorb that kind of traffic. Any attack on a website, regardless of the vector, is something that should not occur in the first place. Most of these attacks, 56.09% in fact, have been found to be coming from China, not necessarily surprising considering rising tensions between the US and China. China has had the honor of being the top source country for DDoS traffic since the second quarter of 2015. The US is ranked number two, with 17.38% of all traffic being used to cause the DDoS. Source traffic merely refers to the country of origin where the traffic is coming from and doesn't necessarily mean that the attack was launched from those countries. Russia is oddly missing from the list of source countries completely.
It seems that attackers are constantly scouring the internet for opportunities to attack websites, using automated tools and bots to help gather that information. There was even a particular day where 43% of all web traffic consisted of bots, and not actual humans. With that, DDoS traffic is only going to rise in persistence as tools become increasingly easy and inexpensive to use. The DDoS is a particularly malicious type of attack that's persistent and quite effective. Hopefully we can develop new technologies in the future that can help to curb this rising activity.
Source: Akamai State of the Internet