2018 DDoS Attack Landscape-2

2018 DDoS Attack Landscape-2

April 10, 2019 | Mina Hao

Overview of DDoS Attacks in 2018 

2018 vs. 2017

  • The total number of DDoS attacks seen by NSFOCUS in 2018 reached 148,000, down 28.4% from 2017.
  • The total volume of DDoS attack traffic seen by NSFOCUS in 2018 reached 643,100 TB, on a par with 2017.
  • The average peak traffic of individual DDoS attacks seen by NSFOCUS in 2018 increased 204% from 2017 to 42.8 Gbps.
  • The maximum peak traffic in a single DDoS attack in 2018 reached 1.4 Tbps, on a par with 2017.
  • The average attack duration in 2018 seen by NSFOCUS decreased 17% from 2017 to 42 minutes.

Key Findings

  • Finding 1: In 2018, DDoS attacks kept expanding in size as DDoS-as-a-Service experienced a fast growth.
  • Finding 2: DDoS attackers were obviously profit-driven and sensitive to regulatory policies and national governance measures.
  • Finding 3: The number of reflection attacks decreased and those DDoS attacks using mixed methods called for more attention.
  • Finding 4: IoT-related threats were looming large as a result of medium and high vulnerabilities in a variety of IoT devices that could be exploited by malware.
  • Finding 5: Most DDoS attacks took place during busier hours of a day to maximize the attack effect.
  • Finding 6: Cloud services/IDCs, gaming, and e-commerce were top 3 industries targeted by attackers, with cut-throat competition as the major driver.
  • Finding 7: Botnet command and control (C&C) servers were mainly distributed in the USA and China.
  • Finding 8: China still ranked No. 1 in terms of both total attack sources and attack targets.

to be continued