"Mega" DDoS attacks grew by 140% YOY, according to Akamai

14 February 2017 | James Pearce

DDoS attacks greater than 100Gbps increased by 140% in the fourth quarter of 2016, with 10 attacks surpassing 300Gbps in the year overall, according to Akamai.

In its latest State of the Internet security report, content delivery network Akamai found the larges distributed denial of service (DDoS) attack in Q4 2016, which peaked at 517Gbps, came from a Spike botnet that has been around for two years.

There were 12 so-called "mega" attacks (over 100Gbps) recorded in Q4, seven of which were attributed to Mirai. The malware shot to fame last year after it was used in a DDoS attack on DNS provider Dyn that resulted in outages for a number of major internet platforms.

Mirai attacks consumer devices such as remote cameras and home routers, part of the internet of things (IoT) to increase data output, potentially launching a DDoS attack. It has been linked to numerous attacks last year, and crashed an estimated 900,000 routers from Deutsche Telekom in November. 

Though DDoS attacks grew by 4% year-on-year, they were down 16% on a quarterly basis. The number of attacks measured at 100Gbps or more also fell by 37% to 12, compared with Q3. However, there was just five attacks of that volume recorded in Q4 2015.

Attacks on web applications fell year-on-year by 19%, while the number of attacks from the US, which is currently the top source of attacks overall, also decreased.

"As we saw with the Mirai botnet attacks during the third quarter, unsecured Internet of Things (IoT) devices continued to drive significant DDoS attack traffic," said Martin McKeay, senior security advocate and senior editor of the report. 

"With the predicted exponential proliferation of these devices, threat agents will have an expanding pool of resources to carry out attacks, validating the need for companies to increase their security investments. Additional emerging system vulnerabilities are expected before devices become more secure.

"If anything, our analysis of Q4 2016 proves the old axiom 'expect the unexpected' to be true for the world of web security." 

Topics: DDoS, 100Gbps, Akamai, State of the Internet, cyber security, Mira, Dyn, attacks, Martin McKeay