DDoS Attack Landscape

NSFOCUS DDoS Attack Landscape Report 2022

março 16, 2023

The DDoS attack landscape remains challenging. While organizations continue to explore new defense methods to protect against DDoS attacks proactively, attackers never stop creating sly and novel tactics to take down the target services. Download a copy of the full report to learn more.

2020 DDoS Attack Landscape Report – 4

julho 8, 2021

Key Findings – 5 The Number of DDoS Attacks on Healthcare, Education, and Government Sectors Increased Significantly During the COVID-19 Pandemic The healthcare sector suffered more DDoS attacks during the COVID-19 pandemic than previous years. According to statistics2, the number of attacks in each month in 2020 H2 increased year on year, with March and […]

DDoS Attack Landscape 10

junho 3, 2020

Active Families

  • Gafgyt

As one of the largest IoT DDoS families, Gafgyt compromises such devices as routers and cameras by means of password cracking and exploits to receive C&C commands and launch DDoS attacks.

In 2019, the Gafgyt family continued to be active, mainly targeting North America, Europe, and Australia. The number of Gafgyt-based malware increased fourfold compared with 2018 and the
average daily increase of C&C attacks reached 34.5%. Compared with 2018, the number of DDoS attack directives increased by 175%, most of which were UDP flood attacks targeting ports 80 and
443 for HTTP services and ports 3074, 300000, 30100, and 32000 for gaming services.


2018 DDoS Attack Landscape-9

junho 12, 2019

Behind DDoS attacks, there are complex economic interests in the underground industry. Therefore, effective governance needs to start from multiple dimensions, including policy, industry, resource, and technical dimensions. This chapter dwells upon how to mitigate DDoS attacks from the following perspectives.


2018 DDoS Attack Landscape-7

maio 22, 2019

3.5  Analysis of IoT Attack Sources

3.5.1 Participation of IoT Devices in DDoS Attacks

According to NSFOCUS’s IoT threat intelligence, some DDoS attacks are associated with IoT devices. By further analyzing the proportion of IoT devices in DDoS attack source IP addresses, we find that 3.14% are IoT devices. Although this proportion is relatively small, compared to the large base of DDoS attack source IP addresses, the threat of IoT device-based DDoS attacks cannot be overlooked.


2018 DDoS Attack Landscape-4

abril 23, 2019

3.2  DDoS Attack Type Analysis

3.2.1  Proportions of Different Attack Types 

In 2018, the most frequently seen attacks were SYN flood, UDP flood, ACK flood, HTTP flood, and HTTPS flood attacks6, which altogether accounted for 96% of all DDoS attacks. In contrast, reflection attacks contributed to no more than 3% of attacks. Compared with 2017, the year 2018 witnessed an 80% decrease in the number of reflection attacks, but a 73% increase in other attacks. This is because Chinese authorities took effective measures against reflectors (see section 3.1.1 “Attack Count and Traffic”). (mais…)

2018 DDoS Attack Landscape-3

abril 17, 2019

Analysis of DDoS Attacks in 2018

3.1  DDoS Attack Count and Peak Size

3.1.1  Attack Count and Traffic

In 2018, we observed 148,000 DDoS attacks (down 28.4% from 2017), which generated a total of 643,100 TB of traffic, about the same level as in 2017. DDoS attacks keep expanding in size year by year as large and medium-scale attacks are on the rise, as shown in section 3.1 “Distribution of Peak Sizes.” (mais…)


Inscreva-se no Blog da NSFOCUS