Overview of DDoS Attacks in 2018
2018 vs. 2017
- The total number of DDoS attacks seen by NSFOCUS in 2018 reached 148,000, down 28.4% from 2017.
- The total volume of DDoS attack traffic seen by NSFOCUS in 2018 reached 643,100 TB, on a par with 2017.
- The average peak traffic of individual DDoS attacks seen by NSFOCUS in 2018 increased 204% from 2017 to 42.8 Gbps.
- The maximum peak traffic in a single DDoS attack in 2018 reached 1.4 Tbps, on a par with 2017.
- The average attack duration in 2018 seen by NSFOCUS decreased 17% from 2017 to 42 minutes.
- Finding 1: In 2018, DDoS attacks kept expanding in size as DDoS-as-a-Service experienced a fast growth.
- Finding 2: DDoS attackers were obviously profit-driven and sensitive to regulatory policies and national governance measures.
- Finding 3: The number of reflection attacks decreased and those DDoS attacks using mixed methods called for more attention.
- Finding 4: IoT-related threats were looming large as a result of medium and high vulnerabilities in a variety of IoT devices that could be exploited by malware.
- Finding 5: Most DDoS attacks took place during busier hours of a day to maximize the attack effect.
- Finding 6: Cloud services/IDCs, gaming, and e-commerce were top 3 industries targeted by attackers, with cut-throat competition as the major driver.
- Finding 7: Botnet command and control (C&C) servers were mainly distributed in the USA and China.
- Finding 8: China still ranked No. 1 in terms of both total attack sources and attack targets.
to be continued