Link11, a leader in cloud-based anti-DDoS protection, has released its Q3 DDoS Report, revealing that the scale and volume of attacks continued to grow in Europe during Q3 2018. The LSOC registered a total of 15,934 attacks in the period (averaging more than 175 attacks per day), an increase of 71% over the previous quarter.
The average DDoS attack volume more than doubled in Q3, to 4.6 Gbps, up from 2.2 Gbps in Q2. Attacks are also becoming increasingly complex, with 59% of incidents using two or more vectors – up from 46% in Q2.
The highest volume attack observed by Link11 in 2018 rose to 371Gbps in Q3, an increase of 75% compared to the maximum of 212 Gbps observed in Q1. In addition, there were a further 35 attacks with bandwidth peaks above 100 Gbps. The Link11 Security Operation Centre (LSOC) also registered a sharp increase in attacks with bandwidth peaks of between five and 10 Gbps.
Multi-vector attacks, which accounted for 59% of all attacks in Q3, were also a major threat. A total of 37% of all attacks in Q3 featured three different vectors – more than double the number of triple-vector attacks seen in Q2 (16%).
The LSOC also observed that attacks are most frequent on Fridays and Sundays, with the level of attacks declining during the business week. Attackers targeted organisations most frequently between 4pm and midnight Central European Time, with attack volumes at their lowest between 5am and 10am CET.
The report also revealed:
- The highest number of attacks seen in one day during Q3 was 885 on Friday, August 17
- The longest defended attack in the 3rd quarter lasted almost 10 hours
- The most important high volume vectors were DNS Reflection and CLDAP
- Attacks via Memcached Reflection, which had dominated the 1st and 2nd quarters, were the exception
Aatish Pattni, Regional Director UK and Ireland for Link11, said: “The structure and composition of DDoS attacks is constantly changing, but the goal remains the same: to interrupt servers, networks or data streams.
“Over half of attacks during Q3 were multi-vector, making them harder to defend against and they are growing in volume, too, meaning they can easily overwhelm defences. To stop these attacks disrupting business operations, organisations need proactive protection that tracks and responds to evolving attack scenarios and patterns automatically, using advanced Machine Learning techniques.”
Current data on DDoS attacks, attempts, and numbers can be found in the Link11 DDoS blog.