Link11, a leader in cloud-based anti-DDoS protection, has published its DDoS statistics for Q2 2019. The data shows that the quarter saw a massive 97% year-on-year increase in average attack bandwidth, up from 3.3Gbps in Q2 2018 to 6.6Gbps in Q2 2019.
These attacks are easily capable of overloading many companies’ broadband connections. There are several DDoS-for-hire services offering attacks between 10 and 100 Gbps for a modest fee. Currently, one DDoS provider is offering free DDoS attacks of up to 200 Mbps bandwidth for a duration of five minutes.
The maximum attack volumes seen by Link11 between April and June 2019 also increased by 25% year-on-year, to 195Gbps from 156Gbps in Q2 2018. In addition, 19 more high-volume attacks with bandwidths over 100 Gbps were registered in Q2 2019.
Rolf Gierhard, Vice President Marketing at Link11, said: “Too many companies still have the wrong idea when it comes to the threat posed by DDoS attacks. Our data shows that the gap between attack volumes and the capability of corporate IT infrastructures to withstand them, is widening from quarter to quarter. Given the scale of the threat that organisations are facing and the fact that the attacks are deliberately aimed at causing maximum disruption, it’s clear that businesses need to deploy advanced techniques to protect themselves against DDoS exploits.”
Increasing complexity of attacks
Multi-vector attacks posed an additional threat in Q2 2019, with a significant increase in complex attack patterns. The proportion of multi-vector attacks grew from 45% in Q2 2018 to 63% in the second quarter of 2019. Attackers most frequently combined three vectors (47%), followed by two vectors (35%) and four vectors (15%). The maximum number of attack vectors seen was seven.
Further findings from Link11’s Q2 DDoS statistics include:
- 20 DDoS attacks resulted in bandwidth peaks in excess of 100 Gbps
- The largest attack registered by Link11’s network reached a peak bandwidth of 195 Gbps
- The highest packet rate seen was 46 million packets per second
- The longest attack during the quarter lasted 1,938 minutes, i.e. over 32 hours
- The most important amplification reflection vector for achieving large attack volumes is still DNS reflection. According to data from the market research company IDC, more than 80% of companies have already been hit by a DNS attack
The data is based on defended attacks on websites and servers that are protected by Link11. In addition to network analyses and evaluation of DDoS attack data, the Link11 DDoS report also makes use of open source intelligence (OSINT) analyses. Further current data on DDoS attacks and attempts can be found in the Link11 DDoS blog.