Press enter to see results or esc to cancel.

DDoS Attacks Have Become a Persistent Problem

Over the last decade, distributed-denial-of-service attacks have grown from a nuisance to a persistent problem that can potentially cripple a company. The Kaspersky Lab reports that there were 12,281 unique victims of DDoS attacks during the first quarter of 2015, and these attacks targeted Web resources in 76 countries. A new report from security firm Imperva offers a deeper examination of the topic—as well as the risks and repercussions from DDoS assaults. Among other things, the “Imperva DDoS Report 2015″ found that once an organization becomes a target of DDoS attacks, it remains a target; the length of a typical attack extends beyond the period most enterprise executives expect; and, if no mitigation occurs, organizations can lose millions of dollars and also wind up with frustrated customers who decide to give their business to competitive vendors. Imperva collected data in the wild during the course of mitigating thousands of DDoS assaults against Imperva Incapsula-protected domains and network infrastructures. Here are some of the key findings from the DDoS report:

Costly Consequences

An unmitigated DDoS attack costs a business U.S. $40,000 per hour, though the consequences can also include lost opportunities, data theft and loss of public trust.


Once a Website is targeted by application layer attacks, it will be attacked again—once every 10 days on average.

Timing Is Everything

71% of DDoS occurrences last under three hours, but 20% span five days or more. The longest known attack lasted 8 days.

Tools of the Trade

UDP (User Datagram Protocol) and SYN floods are the most common methods for launching DDoS attacks. They were used in more than 56% of all attacks.

Multi-Vector Attacks Diminish

56% of all network layer attacks were classified as multi-vector, compared to 81% in March 2014.

Botnet for Hire

40% of all mitigated network layer attacks fell into the botnet-for-hire category. The average subscription fee for a one hour a month DDoS package is roughly $38, with fees as low as $19.99

Application Layer Risks

A spike in activity occurred from devices infected with MrBlack, Nitol, PCRat and Cyclone malware. 15% of all attacks originated from China, followed by Vietnam, U.S., Brazil and Thailand

Bot Evolution

There is roughly the same percentage of primitive bots today as there was a year ago, but more sophisticated methods are emerging.

Searching for Results

Over the course of a year, search engine impersonator bots dropped from 58% of DDoS traffic to less than 1%.

No Escape

Overall, 40% of Imperva’s clients were exposed to attacks from botnets for hire




Comments are disabled for this post