HOLLYWOOD, FL: Prolexic Technologies, the global leader in Distributed Denial of Service (DDoS) protection services has announced that the average packet-per-second (pps) rate reached 47.4 Mpps and the average bandwidth reached 49.24 Gbps based on data collected in Q2 2013 from DDoS attacks launched against its global client base. These metrics, representing increases of 1,655 percent and 925 percent respectively compared to Q2 2012, are just two of many findings contained in the company’s Quarterly Global DDoS Attack Report, which was published recently.
“This quarter we logged increases for all major DDoS attack metrics, and some have been significant. DDoS attacks are getting bigger, stronger and longer,” said Stuart Scholly, president at Prolexic. “We believe this growth is being fueled by the increasing prevalence of compromised Joomla and WordPress web servers in increasingly large botnets.”
In Q1 2013, Prolexic recorded an average DDoS attack bandwidth of 48.25 Gbps, an all-time high since the company began issuing quarterly attack reports in Q3 2011. This second quarter, average bandwidth ticked even higher to 49.24 Gbps, representing a 2 percent increase over Q1 2013 and a 925 percent increase over Q2 2012. In addition, average packet-per-second volume reached 47.4 Mpps this quarter, a dramatic 46 percent increase over the 32.4 Mpps that was logged just last quarter. Compared to Q2 2012, the average packet-per-second rate has increased 1,655 percent.
After trending down in 2011 and part of 2012, average attack durations are increasing, rising from 17 hours in Q1 2012 and 34.5 hours in Q1 2013, to 38 hours this quarter.
“Attack durations are likely increasing because perpetrators are less concerned about detection and protecting their botnets,” said Scholly. “The widespread availability of compromised web servers makes it much easier for malicious actors to replenish, grow and redeploy botnets. Traditionally, botnets have been built from compromised clients. This requires malware distribution via PCs and virus infections, and takes considerable time and effort. Consequently, attackers wanted to protect their client-based botnets and were more fearful of detection, so we saw shorter attack durations.”